www.pointtown.com Open in urlscan Pro
45.60.1.176 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pointtown.com/ptu/exchange/index
Submission Tags: falconsandbox
Submission: On October 09 via api (October 9th 2021, 5:09:47 pm UTC) from US — Scanned from DE

Summary HTTP 250 Redirects Links 85 Behaviour Indicators

Summary

This website contacted 54 IPs in 6 countries across 48 domains to perform 250 HTTP transactions. The main IP is 45.60.1.176, located in United States and belongs to INCAPSULA, US. The main domain is www.pointtown.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA H2 2021 on September 10th 2021. Valid for: 6 months.

This is the only time www.pointtown.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	45.60.1.176 45.60.1.176	19551 (INCAPSULA) (INCAPSULA)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2606:4700::68... 2606:4700::6810:5614	13335 (CLOUDFLAR...) (CLOUDFLARENET)
82	2600:9000:206... 2600:9000:206f:3e00:1d:253d:9ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	143.204.209.90 143.204.209.90	16509 (AMAZON-02) (AMAZON-02)
2	143.204.209.38 143.204.209.38	16509 (AMAZON-02) (AMAZON-02)
4	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
1	13.32.29.46 13.32.29.46	16509 (AMAZON-02) (AMAZON-02)
3	52.76.182.76 52.76.182.76	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
1	13.251.209.234 13.251.209.234	16509 (AMAZON-02) (AMAZON-02)
1 2	18.141.68.152 18.141.68.152	16509 (AMAZON-02) (AMAZON-02)
1 1	172.104.64.149 172.104.64.149	63949 (LINODE-AP...) (LINODE-AP Linode)
1	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
2 6	34.98.67.3 34.98.67.3	15169 (GOOGLE) (GOOGLE)
7	163.171.132.119 163.171.132.119	54994 (QUANTILNE...) (QUANTILNETWORKS)
1	34.107.220.231 34.107.220.231	15169 (GOOGLE) (GOOGLE)
2	13.32.29.123 13.32.29.123	16509 (AMAZON-02) (AMAZON-02)
4	13.32.21.201 13.32.21.201	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:214... 2600:9000:214f:f800:8:20a4:6400:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
2	54.251.50.59 54.251.50.59	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:803::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
4 5	193.0.160.129 193.0.160.129	54312 (ROCKETFUEL) (ROCKETFUEL)
10 21	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2406:da14:9ab... 2406:da14:9ab:eb00:a656:c6e4:eb32:a5a1	16509 (AMAZON-02) (AMAZON-02)
19	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
5 9	23.218.208.246 23.218.208.246	16625 (AKAMAI-AS) (AKAMAI-AS)
4 6	37.252.172.249 37.252.172.249	29990 (ASN-APPNEX) (ASN-APPNEX)
23	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
1	23.218.208.133 23.218.208.133	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.250.184.194 142.250.184.194	15169 (GOOGLE) (GOOGLE)
1	144.76.202.54 144.76.202.54	24940 (HETZNER-AS) (HETZNER-AS)
1	136.243.13.222 136.243.13.222	24940 (HETZNER-AS) (HETZNER-AS)
6	136.243.12.210 136.243.12.210	24940 (HETZNER-AS) (HETZNER-AS)
2 2	3.123.163.175 3.123.163.175	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2606:4700::68... 2606:4700::6812:d05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6 7	18.193.90.196 18.193.90.196	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 1	2620:112:f002... 2620:112:f002:bbbb::21	6336 (TURN-US-ASN) (TURN-US-ASN)
1	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (AMOBEE) (AMOBEE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	85.114.159.118 85.114.159.118	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	52.17.35.107 52.17.35.107	16509 (AMAZON-02) (AMAZON-02)
1	3.230.12.180 3.230.12.180	14618 (AMAZON-AES) (AMAZON-AES)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	82.113.101.236 82.113.101.236	6805 (TDDE-ASN1) (TDDE-ASN1)
1	162.247.243.147 162.247.243.147	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	34.102.147.248 34.102.147.248	15169 (GOOGLE) (GOOGLE)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
250	54

8 45.60.1.176 (United States)

ASN19551 (INCAPSULA, US)

www.pointtown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700::6810:5614 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

82 2600:9000:206f:3e00:1d:253d:9ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img.pointtown.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-90.fra53.r.cloudfront.net

cdn.qgraph.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.209.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-209-38.fra53.r.cloudfront.net

pointtown.karakuri.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.29.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-46.fra56.r.cloudfront.net

cdn.qgr.ph	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.76.182.76 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-76-182-76.ap-southeast-1.compute.amazonaws.com

aiqua-config.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
aiqua-sdk.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.251.209.234 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-251-209-234.ap-southeast-1.compute.amazonaws.com

aiqua-user.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.141.68.152 (Singapore, Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-141-68-152.ap-southeast-1.compute.amazonaws.com

api.quantumgraph.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.104.64.149 (Tokyo, Japan) 1 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: li1674-149.members.linode.com

gocm.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.67.3 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 3.67.98.34.bc.googleusercontent.com

jp-tags.mediaforge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ut.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consent.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tags.rd.linksynergy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 163.171.132.119 (Germany)

ASN54994 (QUANTILNETWORKS, US)

cache.img.gmo.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.107.220.231 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 231.220.107.34.bc.googleusercontent.com

a.t.webtracker.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.29.123 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-29-123.fra56.r.cloudfront.net

analytics.karakuri.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.32.21.201 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-201.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:f800:8:20a4:6400:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.dc-tag.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.251.50.59 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-251-50-59.ap-southeast-1.compute.amazonaws.com

aiqua-sdk.c.appier.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:803::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ad.yieldmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 193.0.160.129 (United States) 4 redirects

ASN54312 (ROCKETFUEL, US)

20626465p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.130 (United States) 10 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.165 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2406:da14:9ab:eb00:a656:c6e4:eb32:a5a1 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)

t.dc-tag.jp	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 23.218.208.246 (Frankfurt am Main, Germany) 5 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-246.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 37.252.172.249 (Frankfurt am Main, Germany) 4 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.218.208.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-218-208-133.deploy.static.akamaitechnologies.com

s79.mxcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.184.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 144.76.202.54 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h526.meetrics.de

stat.meetrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.243.13.222 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h397.meetrics.de

s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 136.243.12.210 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: h309.meetrics.de

b70.s79.research.de.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.123.163.175 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-163-175.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:d05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 18.193.90.196 (Frankfurt am Main, Germany) 6 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-90-196.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:112:f002:bbbb::21 (United States) 1 redirects

ASN6336 (TURN-US-ASN, US)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)

r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.118 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.17.35.107 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-35-107.eu-west-1.compute.amazonaws.com

r.scoota.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.230.12.180 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-230-12-180.compute-1.amazonaws.com

sync.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.113.101.236 (Hanau, Germany)

ASN6805 (TDDE-ASN1, DE)
PTR: portal.blau.de

portal.blau.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.147 (United States)

ASN13335 (CLOUDFLARENET, US)

bam-cell.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.102.147.248 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 248.147.102.34.bc.googleusercontent.com

intljs.rmtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
90	pointtown.com www.pointtown.com img.pointtown.com	2 MB
34	doubleclick.net 10 redirects securepubads.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	223 KB
33	googlesyndication.com d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	183 KB
23	2mdn.net s0.2mdn.net	340 KB
9	casalemedia.com 5 redirects dsum-sec.casalemedia.com	8 KB
7	bidswitch.net 6 redirects x.bidswitch.net	4 KB
7	de.com s79.research.de.com b70.s79.research.de.com	2 KB
7	gmo.jp cache.img.gmo.jp	373 KB
7	appier.net 1 redirects aiqua-config.c.appier.net aiqua-user.c.appier.net gocm.c.appier.net aiqua-sdk.c.appier.net	4 KB
6	adnxs.com 4 redirects ib.adnxs.com	6 KB
5	rfihub.com 4 redirects 20626465p.rfihub.com a.rfihub.com p.rfihub.com	5 KB
5	jsdelivr.net cdn.jsdelivr.net	14 KB
4	amazon-adsystem.com c.amazon-adsystem.com	40 KB
4	linksynergy.com ut.rd.linksynergy.com consent.linksynergy.com tags.rd.linksynergy.com	34 KB
4	karakuri.ai pointtown.karakuri.ai analytics.karakuri.ai	85 KB
3	google.com www.google.com adservice.google.com	2 KB
2	rlcdn.com 2 redirects idsync.rlcdn.com	803 B
2	3lift.com 2 redirects eb2.3lift.com	941 B
2	scoota.co 2 redirects r.scoota.co	1 KB
2	turn.com 1 redirects ad.turn.com r.turn.com	857 B
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	2 KB
2	googletagservices.com www.googletagservices.com	75 KB
2	rubiconproject.com 1 redirects pixel.rubiconproject.com	696 B
2	facebook.com www.facebook.com	534 B
2	google.de www.google.de adservice.google.de	1 KB
2	dc-tag.jp s.dc-tag.jp t.dc-tag.jp	14 KB
2	facebook.net connect.facebook.net	170 KB
2	mediaforge.com 2 redirects jp-tags.mediaforge.com	255 B
2	quantumgraph.com 1 redirects api.quantumgraph.com	647 B
2	google-analytics.com www.google-analytics.com	21 KB
2	qgraph.io cdn.qgraph.io	138 KB
2	cloudflare.com cdnjs.cloudflare.com	12 KB
1	rmtag.com intljs.rmtag.com	7 KB
1	nr-data.net bam-cell.nr-data.net	925 B
1	blau.de portal.blau.de	616 B
1	newrelic.com js-agent.newrelic.com	12 KB
1	advertising.com sync.adaptv.advertising.com	14 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	583 B
1	quantserve.com cms.quantserve.com	463 B
1	mathtag.com 1 redirects sync.mathtag.com	829 B
1	meetrics.net stat.meetrics.net	351 B
1	mxcdn.net s79.mxcdn.net	57 KB
1	yieldmanager.com ad.yieldmanager.com	367 B
1	webtracker.jp a.t.webtracker.jp
1	googleadservices.com www.googleadservices.com	18 KB
1	qgr.ph cdn.qgr.ph	2 KB
250	48

	Domain	Requested by
82	img.pointtown.com	www.pointtown.com img.pointtown.com
23	s0.2mdn.net	www.pointtown.com s0.2mdn.net d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
21	cm.g.doubleclick.net	10 redirects googleads.g.doubleclick.net d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com www.pointtown.com
19	pagead2.googlesyndication.com	d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.pointtown.com s0.2mdn.net www.googletagservices.com
11	tpc.googlesyndication.com	d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com tpc.googlesyndication.com securepubads.g.doubleclick.net s0.2mdn.net
9	dsum-sec.casalemedia.com	5 redirects googleads.g.doubleclick.net
8	www.pointtown.com	www.pointtown.com
7	x.bidswitch.net	6 redirects
7	cache.img.gmo.jp	www.pointtown.com cache.img.gmo.jp
6	b70.s79.research.de.com	d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
6	ib.adnxs.com	4 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	www.googleadservices.com d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com www.pointtown.com
5	cdn.jsdelivr.net	www.pointtown.com cdn.jsdelivr.net
4	googleads4.g.doubleclick.net	www.pointtown.com
4	aiqua-sdk.c.appier.net	www.pointtown.com
4	c.amazon-adsystem.com	www.pointtown.com
4	securepubads.g.doubleclick.net	www.pointtown.com securepubads.g.doubleclick.net
3	d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	idsync.rlcdn.com	2 redirects
2	eb2.3lift.com	2 redirects
2	r.scoota.co	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	p.rfihub.com	2 redirects
2	pm.w55c.net	2 redirects
2	www.googletagservices.com	d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
2	pixel.rubiconproject.com	1 redirects www.pointtown.com
2	a.rfihub.com	1 redirects d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
2	www.facebook.com	www.pointtown.com
2	www.google.com	www.pointtown.com tpc.googlesyndication.com
2	connect.facebook.net	www.pointtown.com connect.facebook.net
2	analytics.karakuri.ai	pointtown.karakuri.ai www.pointtown.com
2	ut.rd.linksynergy.com	www.pointtown.com jp-tags.mediaforge.com
2	jp-tags.mediaforge.com	2 redirects
2	api.quantumgraph.com	1 redirects www.pointtown.com
2	www.google-analytics.com	www.pointtown.com www.google-analytics.com
2	pointtown.karakuri.ai	www.pointtown.com pointtown.karakuri.ai
2	cdn.qgraph.io	www.pointtown.com cdn.qgr.ph
2	cdnjs.cloudflare.com	www.pointtown.com
1	tags.rd.linksynergy.com	ut.rd.linksynergy.com
1	consent.linksynergy.com
1	intljs.rmtag.com	jp-tags.mediaforge.com
1	bam-cell.nr-data.net	js-agent.newrelic.com
1	portal.blau.de
1	js-agent.newrelic.com	www.pointtown.com
1	sync.adaptv.advertising.com	d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
1	dsp.adfarm1.adition.com	1 redirects
1	cms.quantserve.com	d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
1	r.turn.com
1	ad.turn.com	1 redirects
1	s.tribalfusion.com
1	a.tribalfusion.com	1 redirects
1	sync.mathtag.com	1 redirects
1	s79.research.de.com	s79.mxcdn.net
1	stat.meetrics.net	s79.mxcdn.net
1	s79.mxcdn.net	s0.2mdn.net
1	t.dc-tag.jp	www.pointtown.com
1	20626465p.rfihub.com	1 redirects
1	ad.yieldmanager.com	www.pointtown.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google.de	www.pointtown.com
1	s.dc-tag.jp	www.pointtown.com
1	a.t.webtracker.jp	www.pointtown.com
1	www.googleadservices.com	www.pointtown.com
1	gocm.c.appier.net	1 redirects
1	aiqua-user.c.appier.net	cdn.qgraph.io
1	aiqua-config.c.appier.net	cdn.qgraph.io
1	cdn.qgr.ph	cdn.qgraph.io
250	68

This site contains links to these domains. Also see Links.

Domain
support.pointtown.com
www.dreammail.jp
infoq.jp
catalogue.membershiprewards.jp
www.amazon.co.jp
www.instagram.com
twitter.com
www.facebook.com
line.me
www.jipc.jp
www.jpcert.or.jp
www.gmo.media
www.gmo.jp
kumapon.jp
point.gmo.jp
www.fxprime.com
www.kumagai.com
www.onamae.com
muumuu-domain.com
www.value-domain.com
www.domainking.jp
www.onamae-server.com
www.conoha.jp
lolipop.jp
www.value-server.com
www.wadax.ne.jp
shared.gmocloud.com
cloud.gmo.jp
altus.gmocloud.com
private-c.gmocloud.com
goope.jp
www.makeshop.jp
shop-pro.jp
www.cloudec.jp
www.ecorigins.jp
www.gmo-pg.com
www.epsilon.jp
www.gmo-ps.com
jp.globalsign.com
www.toritonssl.com
minne.com
www.itempost.jp
taxel.media
gmodsp.jp
akane-ad.com
www.koukoku.jp
smaad.net
seo.gmo.jp
seo-dash.net
meo-dash.com
semlabo.com
www.gmo-research.jp
www.gmo-c.jp
www.gmo-vp.com
trustlogin.com
gmo-app.jp
www.gmosign.com
www.nomyne.com
runsystem.net
chintaidx.com
freenance.net
reemo.me
gmossp.jp
www.teacup.com
30d.jp
www.kabegami.com
prican.jp
gmobb.jp
smafi.info
www.to-b.jp
kireipass.jp
gmo-aozora.com
www.click-sec.com
coin.z.com
gesoten.com
www.gmo-agree.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-09-10` - `2022-03-11`	6 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
pointtown.com Amazon	`2020-11-30` - `2021-12-29`	a year	crt.sh
aiqua.appier.com Amazon	`2021-05-08` - `2022-06-06`	a year	crt.sh
karakuri.ai Amazon	`2021-06-03` - `2022-07-02`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.api.qgraph.io Amazon	`2021-04-24` - `2022-05-23`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.rd.linksynergy.com Thawte RSA CA 2018	`2020-01-03` - `2022-01-05`	2 years	crt.sh
cache.img.gmo.jp GlobalSign GCC R3 DV TLS CA 2020	`2021-01-26` - `2022-01-18`	a year	crt.sh
a.t.webtracker.jp R3	`2021-09-02` - `2021-12-01`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2021-07-06` - `2022-06-27`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-07-20` - `2021-10-18`	3 months	crt.sh
*.dc-tag.jp Amazon	`2021-04-20` - `2022-05-19`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.de GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-09-27` - `2021-11-17`	2 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-30` - `2022-04-04`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.mxcdn.net DigiCert SHA2 Secure Server CA	`2020-12-07` - `2021-12-14`	a year	crt.sh
meetrics.net R3	`2021-09-22` - `2021-12-21`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.turn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-31` - `2022-03-31`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-05-24` - `2021-11-17`	6 months	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2021-10-06` - `2022-11-07`	a year	crt.sh
*.o2online.de DigiCert TLS RSA SHA256 2020 CA1	`2021-01-19` - `2022-02-19`	a year	crt.sh
*.nr-data.net DigiCert SHA2 Secure Server CA	`2020-02-05` - `2022-02-08`	2 years	crt.sh
*.rmtag.com Thawte RSA CA 2018	`2020-01-23` - `2022-02-26`	2 years	crt.sh
consent.linksynergy.com GTS CA 1D4	`2021-09-20` - `2021-12-19`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.pointtown.com/ptu/exchange/index
Frame ID: 0BB98CFD9910F9B925E3B04915AC4361
Requests: 148 HTTP requests in this frame

Frame: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: ACD7643C3CC532086A7253402DDA5F63
Requests: 1 HTTP requests in this frame

Frame: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6C479BA6A615803C563D71551720650F
Requests: 23 HTTP requests in this frame

Frame: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 29FC9CD154852FA882DBBF2286583D1E
Requests: 13 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: E5554DED751919F06674AF7478399F56
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNXbD_1scefYoqjRpxalhEfsaZThXY5DO59qALbN4xXtTRx74X7cS8iherM2Jo860rfrnH-j4h_aj4Lp0i3Vlo4aLpIsu-mJBoy_Dhi-aMGHjUm5Qvaxjka6C5lkuqpLfmu6EcM1za3BHYqo20NWURodF-kvoTVWhjGP4j80a7yEnh_RX-8
Frame ID: 6DFC1626F925E04E7E05AD61B5A1F6D3
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiJ6byiATAB&v=APEucNXjph48G8D9V6HteuujWPG1-6yFWvqKnI7irMkT4izfRLdBCnUoVSEUHPbrt4PPEPFeicNU1T6sWfQfUUiWnGtpGh1QsaHPRxfUFWoN4WizxR2pDv__o1IIwkpqnC_clGefEsc6MGpwGCu1w-NTorKIMFwJSCbbd9uFa-4YPwJSqamkW_w
Frame ID: AD19E6D2194FC2F9FE1C92448E55C8BA
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
Frame ID: A9ED6E222F45D8AD2F1A4212633F8ACF
Requests: 12 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
Frame ID: 992902E55B976DFFC75CB54C40750306
Requests: 11 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 1A4765ABD67DC0F8989DF0739A1CE8BD
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 26B2BD5C7B54814C43801CD80BCF19DE
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 6C043579993515C23C03D225C0BB17B5
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: CEEAF186EACBF6B456781CE4B4EBBFA2
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5B508DFA2C96E247ED6E4A1778B0F157
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3126285AD4E57D0BE31C61D7C1C77218
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js
Frame ID: A4A837B810051E982FDBF4ACD335F75E
Requests: 1 HTTP requests in this frame

Frame: https://ut.rd.linksynergy.com/pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true
Frame ID: 1590D361D1767563F5C715A87BE6ED8F
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ポイントサイトでお小遣いを稼ぐならポイントタウン byGMOpt-icon--search

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Ionicons (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+ionicons(?:\.min)?\.css

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/slick(?:\.min)?\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

250
Requests

100 %
HTTPS

37 %
IPv6

48
Domains

68
Subdomains

54
IPs

6
Countries

3401 kB
Transfer

6535 kB
Size

60
Cookies

85 Outgoing links

These are links going to different origins than the main page.

URL: https://support.pointtown.com/hc/ja
Title: よくある質問

Search URL Search Domain Scan URL

URL: https://www.dreammail.jp/pointuse/ptown/

Search URL Search Domain Scan URL

URL: https://infoq.jp/point/exchange/detail/27

Search URL Search Domain Scan URL

URL: https://catalogue.membershiprewards.jp/viewgiftcardawarddetail.mtw?productid=16119297

Search URL Search Domain Scan URL

URL: https://www.amazon.co.jp/giftcard/tc
Title: こちら

Search URL Search Domain Scan URL

URL: https://www.instagram.com/pointtown_official/
Title: Instagram

Search URL Search Domain Scan URL

URL: https://twitter.com/point_town
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pointtown/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://line.me/R/ti/p/%40akr6618k
Title: LINE公式アカウント

Search URL Search Domain Scan URL

URL: http://www.jipc.jp/

Search URL Search Domain Scan URL

URL: https://www.jpcert.or.jp/pr/stop-password.html

Search URL Search Domain Scan URL

URL: https://www.gmo.media/company/
Title: 会社概要

Search URL Search Domain Scan URL

URL: https://www.gmo.media/recruit/
Title: 採用情報

Search URL Search Domain Scan URL

URL: http://www.gmo.jp/

Search URL Search Domain Scan URL

URL: https://kumapon.jp/
Title: 割引クーポン

Search URL Search Domain Scan URL

URL: https://point.gmo.jp/
Title: 共通ポイントサービス

Search URL Search Domain Scan URL

URL: https://www.fxprime.com/
Title: FX

Search URL Search Domain Scan URL

URL: https://www.kumagai.com/
Title: 社長ブログ

Search URL Search Domain Scan URL

URL: https://www.onamae.com/
Title: お名前.com

Search URL Search Domain Scan URL

URL: https://muumuu-domain.com/
Title: ムームードメイン

Search URL Search Domain Scan URL

URL: https://www.value-domain.com/
Title: VALUE DOMAIN

Search URL Search Domain Scan URL

URL: https://www.domainking.jp/
Title: ドメインキング

Search URL Search Domain Scan URL

URL: https://www.onamae.com/column/
Title: Web学園

Search URL Search Domain Scan URL

URL: https://www.onamae-server.com/
Title: お名前.comレンタルサーバー

Search URL Search Domain Scan URL

URL: https://www.conoha.jp/
Title: ConoHa

Search URL Search Domain Scan URL

URL: https://www.conoha.jp/wing/
Title: ConoHa WING

Search URL Search Domain Scan URL

URL: https://lolipop.jp/
Title: ロリポップ!レンタルサーバー

Search URL Search Domain Scan URL

URL: https://www.value-server.com/
Title: バリューサーバー

Search URL Search Domain Scan URL

URL: https://www.wadax.ne.jp/
Title: WADAX

Search URL Search Domain Scan URL

URL: https://shared.gmocloud.com/
Title: GMOクラウドレンタルサーバー

Search URL Search Domain Scan URL

URL: https://www.onamae.com/server/bepossible/
Title: レンタルサーバーでできること

Search URL Search Domain Scan URL

URL: https://www.conoha.jp/lets-wp/
Title: ワプ活

Search URL Search Domain Scan URL

URL: https://cloud.gmo.jp/
Title: GMOアプリクラウド

Search URL Search Domain Scan URL

URL: https://altus.gmocloud.com/
Title: GMOクラウドALTUS

Search URL Search Domain Scan URL

URL: https://private-c.gmocloud.com/
Title: GMOクラウド Private

Search URL Search Domain Scan URL

URL: https://goope.jp/
Title: グーペ

Search URL Search Domain Scan URL

URL: https://www.makeshop.jp/main/plan/kodawari/
Title: こだわりデザイン

Search URL Search Domain Scan URL

URL: https://shop-pro.jp/
Title: カラーミーショップ

Search URL Search Domain Scan URL

URL: https://www.makeshop.jp/
Title: MakeShop

Search URL Search Domain Scan URL

URL: https://www.cloudec.jp/
Title: GMOクラウドEC

Search URL Search Domain Scan URL

URL: https://www.ecorigins.jp/
Title: ecOrigins byGMO

Search URL Search Domain Scan URL

URL: https://www.gmo-pg.com/service/mulpay/
Title: PGマルチペイメントサービス

Search URL Search Domain Scan URL

URL: https://www.epsilon.jp/
Title: イプシロン

Search URL Search Domain Scan URL

URL: https://www.gmo-ps.com/
Title: GMO後払い

Search URL Search Domain Scan URL

URL: https://jp.globalsign.com/
Title: GlobalSign

Search URL Search Domain Scan URL

URL: https://www.toritonssl.com/
Title: アルファSSL

Search URL Search Domain Scan URL

URL: https://minne.com/
Title: minne

Search URL Search Domain Scan URL

URL: http://www.itempost.jp/
Title: アイテムポスト

Search URL Search Domain Scan URL

URL: https://taxel.media/
Title: TAXEL

Search URL Search Domain Scan URL

URL: http://gmodsp.jp/
Title: GMODSP

Search URL Search Domain Scan URL

URL: https://akane-ad.com/
Title: AkaNe

Search URL Search Domain Scan URL

URL: https://www.koukoku.jp/
Title: GMO NIKKO

Search URL Search Domain Scan URL

URL: https://smaad.net/
Title: GMO SmaAD

Search URL Search Domain Scan URL

URL: http://seo.gmo.jp/
Title: GMOSEO+

Search URL Search Domain Scan URL

URL: https://seo-dash.net/
Title: SEO Dash! byGMO

Search URL Search Domain Scan URL

URL: https://meo-dash.com/
Title: MEO Dash! byGMO

Search URL Search Domain Scan URL

URL: https://semlabo.com/
Title: WEB集客ラボ byGMO

Search URL Search Domain Scan URL

URL: https://www.gmo-research.jp/
Title: GMOリサーチ

Search URL Search Domain Scan URL

URL: https://infoq.jp/
Title: infoQ

Search URL Search Domain Scan URL

URL: https://www.gmo-c.jp/service/marut_o2o.html
Title: まるっとサポート! O2O

Search URL Search Domain Scan URL

URL: https://www.gmo-vp.com/
Title: ベンチャーパートナー

Search URL Search Domain Scan URL

URL: https://trustlogin.com/
Title: トラスト・ログイン

Search URL Search Domain Scan URL

URL: https://gmo-app.jp/
Title: GMOおみせアプリ

Search URL Search Domain Scan URL

URL: https://www.gmosign.com/
Title: GMOサイン

Search URL Search Domain Scan URL

URL: https://www.nomyne.com/
Title: nomyne

Search URL Search Domain Scan URL

URL: https://runsystem.net/ja/
Title: GMO Runsystem

Search URL Search Domain Scan URL

URL: https://chintaidx.com/
Title: GMO賃貸DX

Search URL Search Domain Scan URL

URL: https://freenance.net/
Title: FREENANCE byGMO

Search URL Search Domain Scan URL

URL: https://reemo.me/
Title: ReeMo

Search URL Search Domain Scan URL

URL: https://gmossp.jp/
Title: GMOSSP

Search URL Search Domain Scan URL

URL: https://www.teacup.com/
Title: teacup.

Search URL Search Domain Scan URL

URL: https://30d.jp/
Title: 30days Album

Search URL Search Domain Scan URL

URL: http://www.kabegami.com/
Title: 壁紙.com

Search URL Search Domain Scan URL

URL: https://prican.jp/
Title: prican

Search URL Search Domain Scan URL

URL: https://gmobb.jp/
Title: GMOとくとくBB

Search URL Search Domain Scan URL

URL: https://smafi.info/media/
Title: Smafi

Search URL Search Domain Scan URL

URL: https://www.to-b.jp/
Title: バイトチェック

Search URL Search Domain Scan URL

URL: https://kireipass.jp/
Title: キレイパス

Search URL Search Domain Scan URL

URL: https://gmo-aozora.com/
Title: GMOあおぞらネット銀行

Search URL Search Domain Scan URL

URL: https://www.click-sec.com/
Title: GMOクリック証券

Search URL Search Domain Scan URL

URL: https://coin.z.com/jp/
Title: GMOコイン

Search URL Search Domain Scan URL

URL: https://gesoten.com/
Title: ゲソてん

Search URL Search Domain Scan URL

URL: https://www.gmo.jp/

Search URL Search Domain Scan URL

URL: https://www.click-sec.com/corp/ad/fx/?aid=xx1q240&cid=fxlp
Title: FX取引高世界1位GMOクリック証券

Search URL Search Domain Scan URL

URL: https://www.gmo-agree.com/
Title: 国内1位電子印鑑GMOサイン

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 23

https://api.quantumgraph.com/web/cm/ HTTP 302
https://gocm.c.appier.net/qg?a_i=/web/cm/?from=dback HTTP 302
https://api.quantumgraph.com/web/cm/?from=dback&qaid=K6i9YPqDW29NW7B0zZF70g&noredir=1

Request Chain 93

https://jp-tags.mediaforge.com/js/5619/ HTTP 301
https://ut.rd.linksynergy.com/js/5619

Request Chain 130

https://20626465p.rfihub.com/ca.gif?rb=15273&ca=20626465&ra=63423109 HTTP 302
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxODQ1MTI1MzA4MA==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D5142336718451253080https%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D5142336718451253080 HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D5142336718451253080https%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fentity%253D18%2526code%253D5142336718451253080&google_gid=CAESEBd_Ho1gO18dU8wO4y9pQIo&google_cver=1 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336718451253080https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336718451253080

Request Chain 147

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&C=1

Request Chain 148

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWHM1amat.iaK.BkGhoW1wAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&google_hm=2

Request Chain 149

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN0lJgVoRNSEuMmOmysEc94&google_cver=1

Request Chain 150

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIxOTY2MjE3ODY0MDQzNjM5MQ%3D%3D

Request Chain 151

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1

Request Chain 152

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWHM1XNVwaPaB.s95uNI9gAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&google_hm=2

Request Chain 153

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEN0lJgVoRNSEuMmOmysEc94&google_cver=1

Request Chain 154

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM2Mzc3MjgzMTQzMzMwNzI2OA%3D%3D

Request Chain 186

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMGF9c02k-yRo0El5qAwNAA&google_cver=1&google_push=AYg5qPJiHcDWFCdql9M5DNp5H_beO1powMDOWjrjxlkUUbXnW_31GGzGCWANXzFQ9LGH_QM8KEM-6RGY0HJMr-fxbTiwKG0a_uDY HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMGF9c02k-yRo0El5qAwNAA&google_cver=1&google_push=AYg5qPJiHcDWFCdql9M5DNp5H_beO1powMDOWjrjxlkUUbXnW_31GGzGCWANXzFQ9LGH_QM8KEM-6RGY0HJMr-fxbTiwKG0a_uDY HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXV0TUJsZGUxTXpmUVc1&google_gid=CAESEMGF9c02k-yRo0El5qAwNAA&google_cver=1&google_push=AYg5qPJiHcDWFCdql9M5DNp5H_beO1powMDOWjrjxlkUUbXnW_31GGzGCWANXzFQ9LGH_QM8KEM-6RGY0HJMr-fxbTiwKG0a_uDY

Request Chain 187

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMfjv9-Si-YosU1cNfH-rXk&google_cver=1&google_push=AYg5qPJ79r5rzZfiXsd-SPlFTlNlPPMYTAnkS64uW5prPipzpK860UOJKnDJSj2nAF8KPA0toyVMqsJhV5I4LAEq2gtTp2rGPNZL HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ79r5rzZfiXsd-SPlFTlNlPPMYTAnkS64uW5prPipzpK860UOJKnDJSj2nAF8KPA0toyVMqsJhV5I4LAEq2gtTp2rGPNZL

Request Chain 188

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEEJ4GRKT2b3Hbai3hSysE9w&google_cver=1&google_push=AYg5qPKBW5NdvUs_jkGZMxXCBarcJMDYcI-66ogIhmUaOLkIThj1-NQBORG21ilOG1VkScvUbjucWypd5wbW422eCKUiJyhnOXWF HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKBW5NdvUs_jkGZMxXCBarcJMDYcI-66ogIhmUaOLkIThj1-NQBORG21ilOG1VkScvUbjucWypd5wbW422eCKUiJyhnOXWF&google_hm=NTE0MjMzNjcxODQ1MTI1MzA4MA== HTTP 302
https://a.rfihub.com/cm?pub=445&google_error=5

Request Chain 189

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBfFu2QqqjPyg63Cj1GKcAU&google_cver=1&google_push=AYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBfFu2QqqjPyg63Cj1GKcAU&google_cver=1&google_push=AYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 190

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1&google_push=AYg5qPKO9qq7S2JJ3ER7gNBS0aH0z98NiU1IMZHK6zwW6Mt03TMWjSrHSVhbFf8B3Khmr5gjyEUJUM3hZ_ELYgRO4CzYGFtXUKsJ HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1&google_push=AYg5qPKO9qq7S2JJ3ER7gNBS0aH0z98NiU1IMZHK6zwW6Mt03TMWjSrHSVhbFf8B3Khmr5gjyEUJUM3hZ_ELYgRO4CzYGFtXUKsJ HTTP 302
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336718451253080&expires=30&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKO9qq7S2JJ3ER7gNBS0aH0z98NiU1IMZHK6zwW6Mt03TMWjSrHSVhbFf8B3Khmr5gjyEUJUM3hZ_ELYgRO4CzYGFtXUKsJ&google_hm=rzM8P8oSQgWKBKJetRSzhQ==

Request Chain 191

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG4bUiMMcNe1HatVfH3M2V4&google_cver=1&google_push=AYg5qPJf3aIzt_IoRbQ882iO_1C1e_AfhE6VHAZrQWwFVqTJLbgFlao5Lv22NeFfYv4MTKql_bRMvNpoMgKxcf5jGIhsgUfLznDM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VLMVlWQ0stVS05R1JQ&google_push=AYg5qPJf3aIzt_IoRbQ882iO_1C1e_AfhE6VHAZrQWwFVqTJLbgFlao5Lv22NeFfYv4MTKql_bRMvNpoMgKxcf5jGIhsgUfLznDM

Request Chain 192

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP6basfvPOkEhl9cwatJzvI&google_cver=1&google_push=AYg5qPJ4qBgh7lFA3Ns5xAo-AyzohC3pnK9sZLLsdu8U4CmxbOEa0se58Pg1lBXRfql2azo632sftXT9BBRSU5iFpPpbc9ZpmDR9 HTTP 302
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP6basfvPOkEhl9cwatJzvI&google_cver=1&google_push=AYg5qPJ4qBgh7lFA3Ns5xAo-AyzohC3pnK9sZLLsdu8U4CmxbOEa0se58Pg1lBXRfql2azo632sftXT9BBRSU5iFpPpbc9ZpmDR9&verify=true HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BdGJ1dVZaRTJ1RjVsUnlmSkouUTBZN1VOcEUudXpMeH5B&google_push=AYg5qPJ4qBgh7lFA3Ns5xAo-AyzohC3pnK9sZLLsdu8U4CmxbOEa0se58Pg1lBXRfql2azo632sftXT9BBRSU5iFpPpbc9ZpmDR9

Request Chain 194

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMWX_YAW-fhlpUveLnppHXs&google_cver=1&google_push=AYg5qPKyRgeTNuTLR4WPBj58zjirIPYJ9z1G3rGoJSI--0r3-tm2A12Go8QdzfPZK-ng7uTk5vkKvpXWofgNfft5X2HATLpA1A HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk2MzU4ODY5MzUxMzQ2Nzg5Ng== HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEMWX_YAW-fhlpUveLnppHXs&google_cver=1

Request Chain 196

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOb13Gcqa8g1tjdl_4lwtO0&google_cver=1&google_push=AYg5qPLWKWxn8Te9SugQG--GlrTYNuq_UBJ27LydUpC8w5gA8W5XOOuwffVD3tNPGvFqYcWYWT_ZiOP5eBlErsk3Pan0jsjNcYI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzExNDkxMzkxNjk3NTI0Mw%3D%3D&google_push=AYg5qPLWKWxn8Te9SugQG--GlrTYNuq_UBJ27LydUpC8w5gA8W5XOOuwffVD3tNPGvFqYcWYWT_ZiOP5eBlErsk3Pan0jsjNcYI

Request Chain 197

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1&google_push=AYg5qPKJ2vS2eDv7iZ8-zrFmiwjfL0aqdL3n-bJk-OHI5-DU1Cs8e3VjxNXXxSz7ZeBXv8UWAr3WwNBvHdTcZHu8FNr8X102x9o HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1&google_push=AYg5qPKJ2vS2eDv7iZ8-zrFmiwjfL0aqdL3n-bJk-OHI5-DU1Cs8e3VjxNXXxSz7ZeBXv8UWAr3WwNBvHdTcZHu8FNr8X102x9o HTTP 302
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google HTTP 302
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=15ff2253-071d-4ec0-a10c-2ab5f965c170&ssp=google HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=rzM8P8oSQgWKBKJetRSzhQ== HTTP 302
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1

Request Chain 199

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOqBxFXJO-305Q77EPwHnaQ&google_cver=1&google_push=AYg5qPJdzJcOS5JNEUi9pE_KqIbf2C1pGHlNQSs1Np0rawpP4syZuySOA9-FwnzJoGMgtmLhYsubbS6ulD5D3CcPE1lF7yo4s_U HTTP 302
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJdzJcOS5JNEUi9pE_KqIbf2C1pGHlNQSs1Np0rawpP4syZuySOA9-FwnzJoGMgtmLhYsubbS6ulD5D3CcPE1lF7yo4s_U&google_gid=CAESEOqBxFXJO-305Q77EPwHnaQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NzQzNzE1ODI0OTQ0Mzg0MTM%3D&google_push=AYg5qPJdzJcOS5JNEUi9pE_KqIbf2C1pGHlNQSs1Np0rawpP4syZuySOA9-FwnzJoGMgtmLhYsubbS6ulD5D3CcPE1lF7yo4s_U

Request Chain 246

https://jp-tags.mediaforge.com/pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true HTTP 301
https://ut.rd.linksynergy.com/pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true

Request Chain 248

https://idsync.rlcdn.com/458359.gif?partner_uid=19c9dc22-3942-4a98-a11a-c57c7fb8ac71 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDE5YzlkYzIyLTM5NDItNGE5OC1hMTFhLWM1N2M3ZmI4YWM3MRAAGg0I2JmHiwYSBQjoBxAAQgBKAA HTTP 307
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=213623a6988e0e733c20ba2cc243f65c06f043a528de7fe9041b683b6c9ec3946ac34734d8e453ee

250 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request index Show response
www.pointtown.com/ptu/exchange/ 104 KB
27 KB 768ms
749ms Document
text/html 45.60.1.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

1c3d1be2831bd26e73aae329fff315aa163c9dd9eba845e76cd8e68e27c981cb

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: www.pointtown.com
:scheme: https
:path: /ptu/exchange/index
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Sat, 09 Oct 2021 17:09:38 GMT
server: Apache
set-cookie: vu=dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0; Expires=Mon, 09-Oct-2023 17:09:38 GMT; Path=/; Secure; HttpOnly; SameSite=None cref=http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex; Expires=Sun, 10-Oct-2021 17:09:38 GMT; Path=/; Secure; HttpOnly; SameSite=None cunibr=OLiZJOHjf3J; Expires=Fri, 04-Oct-2041 17:09:38 GMT; Path=/; Secure; HttpOnly; SameSite=None JSESSIONID=3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04; Path=/; Secure; HttpOnly; SameSite=None visid_incap_1652102=LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5; expires=Sun, 09 Oct 2022 09:09:05 GMT; HttpOnly; path=/; Domain=.pointtown.com nlbi_1652102=5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng; path=/; Domain=.pointtown.com incap_ses_1309_1652102=FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==; path=/; Domain=.pointtown.com
x-robots-tag: index, follow
p3p: CP="UNI CUR OUR" CP="UNI CUR OUR"
content-type: text/html;charset=EUC-JP
content-language: de-DE
vary: Accept-Encoding,User-Agent
x-frame-options: SAMEORIGIN
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva
content-encoding: gzip
x-iinfo: 14-89713199-89713200 NNYN CT(236 242 0) RT(1633799377072 0) q(0 0 5 0) r(8 8) U12

GET
H2 200 ionicons.min.css
cdnjs.cloudflare.com/ajax/libs/ionicons/3.0.0/css/ 65 KB
8 KB 67ms
28ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/ionicons/3.0.0/css/ionicons.min.css

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7488d8d7b00d2e9f8bb00d8410094f4a06903d46280811cbf0cc9f6d8049712c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1158649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 7683
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:20 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ea8-104c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4WF3iQu5WcwAcSeKYBAUVpuSlTK9vZrTiXZipFD07v6KS7l0IcWoidxXM%2Fbg0IYlY8i%2BvWZfNEJDrL12e2oxQvlIWE3O%2BVXFN8lMSrSjk5QLRUAIZIQXQ9vIpcSSW0zvOJWC2M2U%2B%2Bp7U7ZaRYn%2FjEcL"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69b937c46e960e2a-MXP
expires: Thu, 29 Sep 2022 17:09:38 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/ 22 KB
4 KB 64ms
25ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/3.2.1/css/font-awesome.min.css

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1034287
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3555
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-5644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=li2TLyW0cU90LOdIzX8AYAWTPR0NkLk32mMSaXd4CVALxpNs62ooLbxDeTcV8%2B8Z9WBv9UezsLVfuKEfvIFvOdHJ7NtR9nKOj3QIeJCDmVcDVmVMH6KXp8wOBbePD%2BLFHupCGEvMDTZBfIz6bauFA%2FCQ"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 69b937c46e980e2a-MXP
expires: Thu, 29 Sep 2022 17:09:38 GMT

GET
H2 200 yakuhanjp_s.min.css
cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/ 2 KB
897 B 66ms
27ms Stylesheet
text/css 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58b252082bedce82af7a5028a88dcedd9a41a5497348f3d87cd7242df04efbeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:38 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1080099
x-jsd-version: 3.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19126-FRA, cache-mxp6933-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"730-CKu8vK9vRGxMn4qNfDtLqYEK8U0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
cf-ray: 69b937c46facf93b-MXP

GET
H2 200 jquery-ui.min.css
img.pointtown.com/pc/dist/bower_components/jqueryui/themes/base/ 29 KB
7 KB 65ms
17ms Stylesheet
text/css 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist/bower_components/jqueryui/themes/base/jquery-ui.min.css?v=1435297056
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 12843f4d1ccc85381bcadb732010be489c3c5675ac4aaff2532614c4c5c88bb2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 00:46:16 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2015 14:48:12 GMT
server: Apache
age: 491002
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 7207
x-amz-cf-id: sYXqXN7jOAYtSSh-Lyi-y5Ya615I4UZBo27lhU3QxkTDXO8PpU7S0A==

GET
H2 200 app.css
img.pointtown.com/pc/dist_ver2/css/ 121 KB
17 KB 62ms
14ms Stylesheet
text/css 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist_ver2/css/app.css?v=1630029219
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 13aa1cce312c556e10172c54bb121ffd99176003329083de808554d0ed8ef4d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 03:19:22 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:33:26 GMT
server: Apache
age: 136216
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 17165
x-amz-cf-id: GKeXPJTQ6ZLc64La4smaBmY3yeIgC2-W6LrRhiDn-wbssTIqi_KrDQ==

GET
H2 200 style.css
img.pointtown.com/pc/dist_ver2/css/app/exchange/ 15 KB
3 KB 58ms
10ms Stylesheet
text/css 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist_ver2/css/app/exchange/style.css?v=1606299174
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: fa1c7f990a736f10a8c16d2823c88a5f0c46e355b1ea630a33fc3ea157d4e0d4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 18:14:04 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:33:32 GMT
server: Apache
age: 428134
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3206
x-amz-cf-id: UuwYpDGTNlzdDuvzbd-FDhCv4BMecTPDLl-D473lWK-LbVfmJmITEw==

GET
H2 200 jquery.min.js Show response
img.pointtown.com/pc/vendor/jquery/dist/ 82 KB
29 KB 73ms
25ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/vendor/jquery/dist/jquery.min.js?v=1520322737
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:38 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 03:36:18 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 29543
x-amz-cf-id: BcKoPZsHh-bU1Oc8V6WdbsPVz5jyEznRNkj48hZE56Gk1xoqdaj3Pg==

GET
H2 200 jquery-ui.min.js Show response
img.pointtown.com/pc/dist/bower_components/jqueryui/ 235 KB
63 KB 65ms
18ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist/bower_components/jqueryui/jquery-ui.min.js?v=1435297056
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 04:03:39 GMT
content-encoding: gzip
last-modified: Fri, 13 Mar 2015 14:48:12 GMT
server: Apache
age: 392759
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
x-amz-cf-id: 2PHNsXQ8w01mpNhcI-qDV9A05LtUagLgVF0AxzjcX4QhNJacK5t94w==

GET
H2 200 cntdown_bonus.js Show response
img.pointtown.com/pc/dist_ver2/js/ 3 KB
2 KB 63ms
16ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist_ver2/js/cntdown_bonus.js?v=1606798545
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d1f83068bd8f765019b3d89d8932c48f49da004394e40f8bef20acc2852e7db7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 04:41:57 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:32:42 GMT
server: Apache
age: 131261
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1175
x-amz-cf-id: xc2PC7c6J1nWKvgdmZJl7M-9ZMftTrFiAjcMmAKHiWSVgsOhlS1s-w==

GET
H2 200 aiqua-wp.js Show response
cdn.qgraph.io/dist/ 95 KB
32 KB 67ms
10ms Script
application/javascript 143.204.209.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qgraph.io/dist/aiqua-wp.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-90.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c9b4539b85a585ff1eccd9ccfba623af6d0ed0b55f0c52fcf2d9c51be690e87c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:20:46 GMT
content-encoding: gzip
last-modified: Tue, 07 Jan 2020 07:33:40 GMT
server: AmazonS3
age: 2943
etag: W/"e3f1636d11b7a2e53a90257d6edaec61"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: HBewH2M9eUYFPSmtK3ONoi1GRZdWf5sc8YdoCzhtxZlh306k6M4eKw==

GET
H2 200 ma-event-send.js Show response
img.pointtown.com/js/smartPhone/ 141 B
508 B 12ms
11ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/js/smartPhone/ma-event-send.js?v=1561104224
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ab1bf04a1db025b6899895a089a4fd3fcd06c38bd39c015c6eb2e6dba4f3d5d8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 16:51:08 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:33:02 GMT
server: Apache
age: 433110
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 142
x-amz-cf-id: x3bGpEgKxSQEF8fcMyLPityDWvx8ikx5i9vd0CwZAgJbOsM9fU2xjQ==

GET
H2 200 popup.js Show response
pointtown.karakuri.ai/api/chats/ 199 KB
56 KB 518ms
484ms Script
text/javascript 143.204.209.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pointtown.karakuri.ai/api/chats/popup.js

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.209.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-209-38.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

98bb1c2a6246790bd895feb3bc474f09daae152693c8c5086e28e56ac5f7b94d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
x-amz-cf-pop: FRA53-C1
x-dns-prefetch-control: off
x-cache: Miss from cloudfront
vary: Accept-Encoding
x-xss-protection: 0
access-control-allow-origin: *
referrer-policy: no-referrer
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"31d46-4aPh5AwfvnFl+wm4dyMJPn7Wtrg"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: text/javascript; charset=utf-8
via: 1.1 3f6fbf009bb5cf969f92ba2e59576614.cloudfront.net (CloudFront)
content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
x-amz-cf-id: rdJyrF_ZMid72gcZ2aRNAzNMK9I71u_hvLhof8C0VxLOG88WWCMV3A==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 78 KB
27 KB 43ms
19ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

cdcfd2c4489c22333d330be4860a63ba699409dc36bde582df1c25603d69be26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1010 / 183 of 1000 / last-modified: 1633731109"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26826
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Oct 2021 17:09:38 GMT

GET
H2 200 cntdown_bonus.js Show response
img.pointtown.com/js/ 3 KB
1 KB 9ms
9ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/js/cntdown_bonus.js?v=1538013847
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: fe50cdc595b48e11bfb0ed60a43455f226be0ece34e41d25183ccdbbd9e11658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 20:40:42 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:32:33 GMT
server: Apache
age: 419336
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1144
x-amz-cf-id: 7jAvqYUgiPbNXPQ3T5YXtqXCGK96A5lwjtC5W9N5xS9Ssy_G3K0F7Q==

GET
H2 200 favorite.js Show response
img.pointtown.com/pc/dist_ver2/js/ 6 KB
2 KB 10ms
9ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist_ver2/js/favorite.js?v=1605762455
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e65040e803e2cc6f1129690f05e138227209f28538bf3732fd3fb362d91d00f4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 02:56:41 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 03:35:32 GMT
server: Apache
age: 483177
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2121
x-amz-cf-id: Y9tj2gUDLlOwIAlVYXeuKE16wo1sOwkAcVkYHjmrhhyTpn2BId8qJQ==

GET
H2 200 favorite-popup.js Show response
img.pointtown.com/pc/dist_ver2/js/ 571 B
704 B 11ms
11ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist_ver2/js/favorite-popup.js?v=1539590482
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 66d16c2ab65c655306eabf93c30e4f5a39895bd3ef39fd7b6b1c0595a5ced3fe

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 16:29:36 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 03:35:32 GMT
server: Apache
age: 520802
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 338
x-amz-cf-id: OncLUWUMrEkPqi5eNqICwn1giW8OBPK2NIinNoVkFZHPBKHERQnQZg==

GET
H2 200 qgraph.2446c4ba0c232e79a229.js Show response
cdn.qgr.ph/ 2 KB
2 KB 51ms
18ms Script
text/javascript 13.32.29.46
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qgr.ph/qgraph.2446c4ba0c232e79a229.js
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/dist/aiqua-wp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-46.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 687bc481fd5afd95634e9419fa20ef4335c0a98f74ec1ba2e62fa0424ca340e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: lKK3eVk3EjtRbnWt6.V0hRcdVuVeD_ww
content-encoding: gzip
last-modified: Fri, 24 Sep 2021 07:41:08 GMT
server: AmazonS3
x-edge-origin-shield-skipped: 0
etag: W/"fa60f075069c874bc9d968ed82ab8b44"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
via: 1.1 dca6db3c8f31f3cd48bb06d78a8be625.cloudfront.net (CloudFront)
date: Sat, 09 Oct 2021 17:09:38 GMT
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: DKvVV59yUOmlPDZjNK_Lnos_AFo-UarP7IXc7sZKbkWrEamHKZPMnw==

GET
H2 204 user_config Show response
aiqua-config.c.appier.net/api/v1.0/ 0
116 B 530ms
168ms Fetch 52.76.182.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-config.c.appier.net/api/v1.0/user_config?appId=2446c4ba0c232e79a229&os=web&firstTime=true
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/dist/aiqua-wp.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.182.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-182-76.ap-southeast-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin: https://www.pointtown.com
date: Sat, 09 Oct 2021 17:09:39 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 1362
date: Sat, 09 Oct 2021 16:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 09 Oct 2021 18:46:57 GMT

GET
H2 200 aiqua.js Show response
cdn.qgraph.io/v3/r/ 357 KB
105 KB 10ms
10ms Script
application/javascript 143.204.209.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.qgraph.io/v3/r/aiqua.js
Requested by: Host: cdn.qgr.ph
URL: https://cdn.qgr.ph/qgraph.2446c4ba0c232e79a229.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.209.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-209-90.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1c25140a095e7f3d55ac9a2ab4a5cfff3926a42239e9cbecc726ccabef1760d9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:19:30 GMT
content-encoding: gzip
last-modified: Tue, 31 Aug 2021 02:07:24 GMT
server: AmazonS3
age: 3016
etag: W/"9bb6a3bfa038e771ee88ecbeb613c853"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c5c25772c7f14e267596e0f8ce51d9bc.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: wz8ehLRLj0J7Fxrn26F8pQWg3zXTaLQ7Uxv2Nm164SbTdOc-XCLj2A==

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2577
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 09 Oct 2021 17:26:42 GMT

GET
H/1.1 200
OK / Show response
aiqua-user.c.appier.net/web-inapp/ 2 KB
3 KB 715ms
168ms XHR
application/json 13.251.209.234
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-user.c.appier.net/web-inapp/?appId=2446c4ba0c232e79a229&firstTime=1&wUserId=1124769015857542&versionNo=0
Requested by: Host: cdn.qgraph.io
URL: https://cdn.qgraph.io/v3/r/aiqua.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.251.209.234 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-251-209-234.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.4.z-SNAPSHOT) /
Resource Hash: 7779892073647617575bf057109f3e9f1dca8fdfdf1a38a98e4d610e03b4ce9c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:39 GMT
Server: Jetty(9.4.z-SNAPSHOT)
Vary: Origin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.pointtown.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2454

GET
H2 200 2ad8cce0671b11e9b72652540010127a34bfa532413db50c41.png
img.pointtown.com/image/profile/image_upload/ 22 KB
22 KB 27ms
27ms Image
application/octet-stream 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/image/profile/image_upload/2ad8cce0671b11e9b72652540010127a34bfa532413db50c41.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6ee2be9b7305fa653bdb5924791639f9203012594f21e3d040739c727b1d2c29

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 15:06:38 GMT
via: 1.1 f2dc44f38fe2e96d7c628b97a7f7377b.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Thu, 25 Apr 2019 05:30:00 GMT
server: AmazonS3
age: 7381
etag: "7fbb86cc918cf70de6883060994f7246"
x-cache: Hit from cloudfront
content-type: application/octet-stream
x-amz-cf-pop: NRT57-C2, FRA56-C1
accept-ranges: bytes
content-length: 22145
x-amz-cf-id: M8f_GiNw8Up_NyjEpNVs52Oqf1lsXhrtLf-m0CxnKTpHuswudm34tg==

GET
H2

201

/ Show response
api.quantumgraph.com/web/cm/
Redirect Chain

https://api.quantumgraph.com/web/cm/
https://gocm.c.appier.net/qg?a_i=/web/cm/?from=dback
https://api.quantumgraph.com/web/cm/?from=dback&qaid=K6i9YPqDW29NW7B0zZF70g&noredir=1

36 B
379 B

167ms
166ms

XHR
application/json

18.141.68.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.quantumgraph.com/web/cm/?from=dback&qaid=K6i9YPqDW29NW7B0zZF70g&noredir=1
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.141.68.152 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-141-68-152.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: e4b1e0ff6673068c8a4706809a7a279c023e57be88900bf71fdcab202b8f03f8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: null
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 36
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

date: Sat, 09 Oct 2021 17:09:40 GMT
server: nginx
access-control-allow-origin: null
p3p: CP="CUR ADM DEV TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://api.quantumgraph.com/web/cm/?from=dback&qaid=K6i9YPqDW29NW7B0zZF70g&noredir=1
cache-control: no-store
access-control-allow-credentials: true
content-type: text/html; charset=utf-8
content-length: 116

GET
H2 200 logo-pointtown.svg
img.pointtown.com/image/common/ 5 KB
2 KB 9ms
9ms Image
image/svg+xml 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/image/common/logo-pointtown.svg
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 15a526168ca29e497314618c7ae3662aa2bcbe155972f8f4d73e7d73fe175284

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 20:28:03 GMT
content-encoding: gzip
last-modified: Tue, 06 Oct 2020 09:12:59 GMT
server: Apache
age: 506495
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: puS2KGdsSfuPMVtb5W5TUvQzdi4IqAYrAiko9HQbChm4cLFTeer4Fg==

GET
H2 200 bnr-paypal-201903_480x108@2x.png
img.pointtown.com/image/exchange/cp/ 64 KB
64 KB 20ms
19ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/image/exchange/cp/bnr-paypal-201903_480x108@2x.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4d30bebd4270ebaf8487d4a6acc781c259fa2d2b309085ad42a0ce10a744b295

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 07:49:42 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:12:59 GMT
server: Apache
age: 33597
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 65283
x-amz-cf-id: Q1-fTQX6PknpoZFiMJ-Jom7vL6kuuNRjSV8dv4QoUqUCoyM7ixqWrg==

GET
H2 200 a2b54b70dadd11eba37152540010127a2c4c0e4adc530de4ee.png
img.pointtown.com/image/profile/image_upload/ 35 KB
35 KB 15ms
15ms Image
application/octet-stream 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/image/profile/image_upload/a2b54b70dadd11eba37152540010127a2c4c0e4adc530de4ee.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d14a380636db71f22c31116e6e27cffdf2ef947bc937b696c27b6ebb227b7717

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 11:21:39 GMT
via: 1.1 9e9baa9057009984244d4ef4e616ff90.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Fri, 02 Jul 2021 02:31:42 GMT
server: AmazonS3
age: 452881
etag: "54b5278f519c8ed415258d68fe9f8e49"
x-cache: Hit from cloudfront
content-type: application/octet-stream
x-amz-cf-pop: NRT57-C2, FRA56-C1
accept-ranges: bytes
content-length: 35635
x-amz-cf-id: MQ6wWz6R9ADtnaRBi2k_cNCbujVn5noqp0PK4xjKjx3hSc_DTsb8LQ==

GET
H2 200 24748790065b11ecab4452540010127a2e54ffafe3ce0acdf5.png
img.pointtown.com/image/profile/image_upload/ 34 KB
35 KB 481ms
481ms Image
application/octet-stream 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/image/profile/image_upload/24748790065b11ecab4452540010127a2e54ffafe3ce0acdf5.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 361284b75267c0ed3e3e954eb84d3984ff7c27118bc189e5fc47cd6aa88ab914

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 07:49:43 GMT
via: 1.1 42426d3cee48302e909b14d479f22cf1.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Thu, 26 Aug 2021 10:48:27 GMT
server: AmazonS3
age: 33598
etag: "fbf9cf399e40c783c28a3418ced6f626"
x-cache: Miss from cloudfront
content-type: application/octet-stream
x-amz-cf-pop: NRT57-C2, FRA56-C1
accept-ranges: bytes
content-length: 35274
x-amz-cf-id: svXXgas4kQhLKeBl7w9ZgggN-SnYnNSmNGkpMSZM8T_iy8zGfGtE_A==

GET
H2 200 loading-lozard.gif
img.pointtown.com/pc/dist_ver2/img/common/loading/ 3 KB
3 KB 32ms
18ms Image
image/gif 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/dist_ver2/img/common/loading/loading-lozard.gif
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6c7a3654d5f845144a36fcbdbd50f2fa3d6d71c78f5fad4e187f8ded460f5134

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 02:12:47 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Mon, 04 Oct 2021 05:32:35 GMT
server: Apache
age: 226613
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2706
x-amz-cf-id: s6vcEbCo2m0ExllL0CB4jBprWksFwRLSh41f_77slnHoPqKM5lm7-Q==

GET
H2 200 logo-gmo-aozora.png
img.pointtown.com/pc/img/exchange/logo/ 13 KB
14 KB 479ms
465ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-gmo-aozora.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6f2e4fec40f1d5ec4df0f2e053446eea92bad12279ac0c7c0628de62bde89db8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 13528
x-amz-cf-id: Ay28HWfjTCjT13RQ1edNpAsJK0QPuTUK9rtgARd-iFwIIQevHx7PBA==

GET
H2 200 logo-rakuten-bank_ver2.png
img.pointtown.com/pc/img/exchange/logo/ 12 KB
13 KB 493ms
478ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-rakuten-bank_ver2.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 86f914525550841ce75cf1f7c93cae973cc2288e4d5bbb9ba8faf291ca5b39bf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 12611
x-amz-cf-id: yEH2Gms1d8mPFqHiJ8zRRqjumcXJsMerYwpwSEn3UDaQrrNbdYctoQ==

GET
H2 200 logo-yuucho-bank.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 33ms
19ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-yuucho-bank.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 1cac729fe76b84bf44beaa675f20b892dd15bc3dfba874a5e82dc2f7489c1906

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 18:44:18 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 167122
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6083
x-amz-cf-id: YhtXDvOR6oinnT4dQ3wcDZSw8rweHaFlqwLEopwdpEOX-vhRcEf7Dg==

GET
H2 200 logo-paypay-bank.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
5 KB 35ms
21ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-paypay-bank.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d185ec7e5054dc2168ae473b271db7003399f752afd29ba43b0822f88cd201f1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 03:42:45 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Wed, 07 Apr 2021 08:44:24 GMT
server: Apache
age: 134815
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5180
x-amz-cf-id: 6w7YbywRuVQEPialNHZInYZN1K3Vi0rCoqmuJ1exwFP54bxyMNfSoQ==

GET
H2 200 logo-sbi-net-bank.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
6 KB 52ms
38ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-sbi-net-bank.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d1fb3ca8b805d24844e7743e77f859ec10bae88ba9fafa3fca79f82ef018a7e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 15:44:37 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 5102
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5438
x-amz-cf-id: 55DPdOosJ7IL9i0sOE3rL1r4uktH43QQlomxs-V9gXvrjsOUVKOGLQ==

GET
H2 200 logo-mufg.png
img.pointtown.com/pc/img/exchange/logo/ 4 KB
4 KB 33ms
20ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-mufg.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f581f10bf67688ccbc6b363399b9e01c660ce0e893bf3a60f03abc18baccde8e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 18:10:39 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 255541
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4215
x-amz-cf-id: ANa3hW4QpiCXfc2oZPGvaxRzatwctMw63y8E5kCIoV3RduD4-K2LVQ==

GET
H2 200 logo-smbc-bank.png
img.pointtown.com/pc/img/exchange/logo/ 9 KB
9 KB 511ms
498ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-smbc-bank.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 421ab9fa4c9a8a48bfbc0c95388c063f0f21a774d7b00afd01f1ae52d2b15452

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 8911
x-amz-cf-id: 6IkuS9oMKLFdDQhmwgopzyrEtmV1c3mpKct5QlPnH5ImGBEMjejSUA==

GET
H2 200 logo-mizuho-bank.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 496ms
483ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-mizuho-bank.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5c9fe2398f91980a3e7b018078f5b53336dbef9a73692580b06160dd0850a347

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 5663
x-amz-cf-id: EIb28eWV2KP_kJP7wywqyiiVzoifCV-h3Qcq15CBRf7K5ahsAGejGw==

GET
H2 200 logo-aeon-bank.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
6 KB 34ms
21ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-aeon-bank.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 02321369b2a5aeac14713a6b6bcc359d2ab9ca41cbad43a3c6d4d41997f02c94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 03:42:45 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 134814
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5543
x-amz-cf-id: XZLZKGHy2hCNu40f0a7_t4MtEXCalSxC-Q9vkwuIu4hoj5msWEiTIw==

GET
H2 200 logo-risona-bank.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
6 KB 46ms
33ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-risona-bank.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 174efb8103abcffec1a21e6fe241f47b7593b4fcc719c0d09765bfad7fffc950

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 05:39:32 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 559808
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5336
x-amz-cf-id: Ubocc1VmYl-cGLwcht3RCeIwOrcoI4NujLMSzCeCI1EhR4QP8kV0_A==

GET
H2 200 logo-paypal.png
img.pointtown.com/pc/img/exchange/logo/ 4 KB
5 KB 53ms
40ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-paypal.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 4994fa132832268cd7a1e300bbe5aaa06b1618d6a8394cd07af090119c35a3cf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 09:09:30 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 288010
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4327
x-amz-cf-id: _Pjslsn0bnkODt5PqN8O7Oo0HUa6XKRQeYe-PXo5Kol682Iow4BLQQ==

GET
H2 200 logo-pollet.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
5 KB 52ms
39ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-pollet.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: b1f059b02e47977e7fececa9e051420a2f7426bfc68bf20b402e596e909def41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 10:58:10 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 454290
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 4772
x-amz-cf-id: 86OyT-uISBBTESJkB5WFVLj06_qNoIJOzM0lncu04ZYBc2h8gwcLHw==

GET
H2 200 logo-amazon-gift.png
img.pointtown.com/pc/img/exchange/logo/ 7 KB
8 KB 55ms
42ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-amazon-gift.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 64867a684bebf5caaffd14701f09d1bbe11341f86535a9133c4f58059fef057e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 15:44:37 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 5103
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 7618
x-amz-cf-id: 68e4BuDd8EuTHrAbTmvqJrGVPd4VPxIBjfvHO1k70HMpFDDF_42zDA==

GET
H2 200 logo-waon-point02.png
img.pointtown.com/pc/img/exchange/logo/ 19 KB
19 KB 57ms
44ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-waon-point02.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 14b3f791ef7f9a7ee3f848cfa99c531f7996b4ee6836ce5094ef2a5e708c8702

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 03:42:46 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 134814
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 19208
x-amz-cf-id: GUhAMtHF_2yjrtsMZ8YFM8JEozPfzV1VKgUU7alyp1Wl-zeY1VI-Ig==

GET
H2 200 logo-nanaco-gift.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
6 KB 534ms
521ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-nanaco-gift.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: adfbfed6e89b188ec9a6c5302b9aecd065b7d269f156606e2b0acbfb010557a4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 5357
x-amz-cf-id: AUaXRHoDeU8DPeYmGGQwkEck6LIrNnWZfEc5xxFu3pwsfx3cxoR6xA==

GET
H2 200 logo-edy.png
img.pointtown.com/pc/img/exchange/logo/ 8 KB
9 KB 47ms
35ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-edy.png?ver3
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 69e6b0b3d50b4e464e3ecb55f50791824de80fd159e9400df81594c23f97bdca

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 09:15:34 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 546846
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 8616
x-amz-cf-id: XookdhimUMANIgHr8FrrY0VG1xzma-hg5GTxy9L65znHVefs7T6OfQ==

GET
H2 200 logo-webmoney.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 34ms
22ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-webmoney.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6d8aa408a8d204aeb607b29d7bc027d300b7120b9806e37eef3f2d4e701b98db

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 18:10:45 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 255535
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6183
x-amz-cf-id: 4AGIcyR3N5gttUhJD_Po3zDr50t90K0y91BeC5kNc7rzu_frfCzmPw==

GET
H2 200 logo-vpreca.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
5 KB 44ms
32ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-vpreca.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 76dcfd5aef754bf42757fa996d626df30add716aefaa9f100fbf4f3a68367b41

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 15:45:19 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 5061
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5284
x-amz-cf-id: Ebj739BGmq_a2yWwLfSx2cNcC28Ig7mVIHLylALbxLm0yzQ6HnGQrA==

GET
H2 200 logo-appstore-itunes-gift.png
img.pointtown.com/pc/img/exchange/logo/ 42 KB
43 KB 41ms
29ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-appstore-itunes-gift.png?ver2
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 80311e1c7ee648e8b88655101e148e03a18e78c82a957495fc3827e8a810627f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 10:58:10 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 454290
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 43308
x-amz-cf-id: u4nJkh6kLk3LBhloUjGEkKSDiJnOArKd9EXNkurhY3FpJZfGVW6umQ==

GET
H2 200 logo-googleplay-gift-ver4.png
img.pointtown.com/pc/img/exchange/logo/ 7 KB
8 KB 514ms
502ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-googleplay-gift-ver4.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 63645b9300848dd291095cb7898b6b2ad97a18c2bd705d74ae85a8a7358f79ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 7527
x-amz-cf-id: nb3qdSNZRtPvLNgQSZCTLSUydScr8e9W5vHzoM2l95VuVoavcV7qaQ==

GET
H2 200 logo-rakuten-point.png
img.pointtown.com/pc/img/exchange/logo/ 3 KB
4 KB 492ms
480ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-rakuten-point.png?ver2
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 38ca85b8dd955cc4d082294f490f5b39603144d078bebba3cb93b64226914b52

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 3540
x-amz-cf-id: nHydRVyJOD_t1O9uu25QipQcNR_jYBUS_99e5jftUr8qeJlvGaqEyg==

GET
H2 200 logo-pex.png
img.pointtown.com/pc/img/exchange/logo/ 7 KB
7 KB 49ms
37ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-pex.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 35ecb1b0e7a294fe40ea80c66f29830388d9b08ba35561456fd9373499471dec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 10:58:11 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 454289
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 7318
x-amz-cf-id: Uu2d8K1PVc0fcKhR2NGcJ_xl6_Y0YPxDLEIBkLbZsUSj6G5m694y8Q==

GET
H2 200 logo-dotmoney.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 44ms
32ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-dotmoney.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: efa5ec86d21c989441e57935ee71e14fd4da584a43a6dbe3b28e7933778dcdfb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 05:51:42 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 386278
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6295
x-amz-cf-id: neAhRHbTfFSwFvLlRMQO4JlegFgloKJNwt3LtHoQh2CeR5MHZ5eRQQ==

GET
H2 200 logo-tpoint.png
img.pointtown.com/pc/img/exchange/logo/ 4 KB
4 KB 45ms
33ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-tpoint.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 887082c7c55ef21e3fe12277e3df57c9abb8f4d98705e3a22a371c0a29cb60ba

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 05:51:42 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 386277
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3816
x-amz-cf-id: pnfXfXSScAh-56wxkmXhQgdZuunf2IJ4kDtmJ460AwzYxODUbyTkRQ==

GET
H2 200 logo-recruit-point.png
img.pointtown.com/pc/img/exchange/logo/ 3 KB
3 KB 52ms
41ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-recruit-point.png?v210601
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f516a560000c906018a6737651cd718cbda8195c27ba4a077e9281c11b27f518

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 18:10:39 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 08 Jun 2021 02:02:44 GMT
server: Apache
age: 255541
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 3159
x-amz-cf-id: 4d5slYddH3xpGD6u9RbOmvt4eULVb8UpgNXff8NeOIYbgkgRYrc2Xg==

GET
H2 200 logo-line-point.png
img.pointtown.com/pc/img/exchange/logo/ 2 KB
2 KB 509ms
498ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-line-point.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: c3b9f270b6d7efddcc5cc023806aadc5b299cdf5cc69f9fdf40037981d85ac5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 1901
x-amz-cf-id: nqKieBeunaTbgsYrVPHDI8G6kmkZRkOPhno_r5Hd7oB-W8OQ5srvaw==

GET
H2 200 logo-ponta.png
img.pointtown.com/pc/img/exchange/logo/ 9 KB
9 KB 51ms
40ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-ponta.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 62de308ffefb46fdda35cfa1c43d63a4fa37d0585d181a87979841f5073ca9eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 00:34:15 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 491725
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 8784
x-amz-cf-id: qo43-MNRsNg9qoXci3SAGTHLDWnbEk9ZdubEhn4UJkk36qUkFhfNKQ==

GET
H2 200 logo-dpoint.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 45ms
33ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-dpoint.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5432199a50d8bea143e211af334fb0b20f4128216fae0ec1157d6dd20aee847c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 18:10:45 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 255535
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5672
x-amz-cf-id: H2RTG0l1GkAKyuuEW0JHTG2pyZhFlT_z-f6s-zvIs1Kuxu1MBJV-xg==

GET
H2 200 logo-au-wallet.png
img.pointtown.com/pc/img/exchange/logo/ 7 KB
7 KB 83ms
72ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-au-wallet.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f84dbe57dce4bab6795eeed7df3ee945dce10862c4b321b8b72bec73a8a18bec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 03:44:41 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 134699
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6912
x-amz-cf-id: Aqvazlse_8u1Nqz9fwlCh0Exl9sO9kCCqEiT1rRKhMjhc_1jd6wCJg==

GET
H2 200 logo-bellemaison-point.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
5 KB 514ms
503ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-bellemaison-point.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 11f2fe11ae37914ad125e4152860202887ba65de5bf7f065ff943abc69789242

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 4869
x-amz-cf-id: JfdAFjSN6WGyadSFwlWDFmfX_97rKB7dBdwB58OmZr34PQEKI35pQg==

GET
H2 200 logo-smamoba-point.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 47ms
36ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-smamoba-point.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: dcf3eacec7fc794cd0ce5a8c0b4c84fb1260a077cdb3ade36524f393a3f11709

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 05:51:52 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 386268
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5734
x-amz-cf-id: 3UCg5H-L1J5lzRPWN6sOTkuPTdKvIiYQ_TIUj2xyGj8GVhkFzPEvvQ==

GET
H2 200 logo-gmo-point.png
img.pointtown.com/pc/img/exchange/logo/ 5 KB
5 KB 265ms
254ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-gmo-point.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: db83548dd43bbdff1b37e57475a1b45f329694ddf46dfa7eb3f99b1c5b565838

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 5245
x-amz-cf-id: ubthUSRn0rulBllUHRsWJ4CdDjcAaFgp5uvHT86LSQ_NPxzLhRwMXA==

GET
H2 200 logo-gesoten.png
img.pointtown.com/pc/img/exchange/logo/ 8 KB
8 KB 532ms
521ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-gesoten.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d7a5efe1f86d122083972a7a68f6561d10e52de4d7c45ebeddecead6026b6b94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/png
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 8177
x-amz-cf-id: 5jIAi4mWlBuBrmU63DvhI2P1-2gzXWkkDi--hoaLox9X_H8aMZV9KQ==

GET
H2 200 logo-ana.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 59ms
48ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-ana.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 46c82dfba09257fc5dd841024136c59c14c403e4236e188e0f0000a05ceda0c2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:35:17 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 185663
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5717
x-amz-cf-id: Wye9DJVIxc8sH764FgUDD5grcNETPxEW7kWKRTgFkISzNUqPUw0rig==

GET
H2 200 logo-jal.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 58ms
48ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-jal.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: fce6b96478e2ba0bf5ba721a979bad117db6317a23a5c4edd889049f01cb426c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 18:51:32 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 253088
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6308
x-amz-cf-id: LlLaU7FOUc3mGuOT1YKO8E95IX9Oi8KRhuHXC7gOEuhtvwR-bvgkRw==

GET
H2 200 logo-bitcoin.png
img.pointtown.com/pc/img/exchange/logo/ 7 KB
7 KB 61ms
51ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-bitcoin.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3e63378e8ea523795d2190def7c478e834358c61e3dd43f306248000c6afb2ae

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 18:51:32 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 253088
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 7211
x-amz-cf-id: 0ZYUkgDLd5PeMTveluzg1O6TfV0NaH5zSyt6SSQquKpsdt5e9VWSkg==

GET
H2 200 logo-toranoko.png
img.pointtown.com/pc/img/exchange/logo/ 9 KB
10 KB 57ms
47ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-toranoko.png?v=180718
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 5c09beee029ab0e5c6a32642fd1aca2c0f265d6dfe7802a5b828e4d22ba242e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 12:45:44 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 534236
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 9498
x-amz-cf-id: cXQKrqwiEMj_fqo6Yeu4AxbH8oPraVe04XJMlhdMeUCtNi9oHI6huQ==

GET
H2 200 logo-point-fund-childfund.png
img.pointtown.com/pc/img/exchange/logo/ 10 KB
10 KB 81ms
71ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-point-fund-childfund.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: de8b6c1956087b0732071bebf76481a37f38becb52d5f9badb607e98f4592a49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 06 Oct 2021 18:53:27 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 252973
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10355
x-amz-cf-id: 5quyJM-0Fg3PzIv3yiLFPwuLS9WnIByI-1J7n57gYCI7kQS1RGuwgg==

GET
H2 200 2f6613c0e52d11eba37152540010127a3baa0adbbbdeb4e2eb.png
img.pointtown.com/image/profile/image_upload/ 21 KB
21 KB 66ms
56ms Image
application/octet-stream 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/image/profile/image_upload/2f6613c0e52d11eba37152540010127a3baa0adbbbdeb4e2eb.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b30ec4212b4d3ac0aa2a16c90cdc7b48712ca69efd1c3a1190be4ca00d82b97

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 07:49:43 GMT
via: 1.1 89e14ce757792ac369341dc84fa01d52.cloudfront.net (CloudFront), 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Thu, 15 Jul 2021 05:26:20 GMT
server: AmazonS3
age: 33598
etag: "ddb48daab507507e031a5c9cf974a7a9"
x-cache: Hit from cloudfront
content-type: application/octet-stream
x-amz-cf-pop: NRT57-C2, FRA56-C1
accept-ranges: bytes
content-length: 21105
x-amz-cf-id: 0ZHc4cBGDjl48hrBnZq3K3kP4Bu_o9I57AFxMoUp0ejD-FPAzBwp4Q==

GET
H2 200 logo-dream-mail.png
img.pointtown.com/pc/img/exchange/logo/ 6 KB
6 KB 60ms
50ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-dream-mail.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 81878d8106b8d4189a23d914a6a0c92f1a02cabe911c349f0521102e95338b37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 09:11:07 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 28713
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 5676
x-amz-cf-id: _cv_8z3M-9Jfw3E9kibmv061ioxFXHaCLzG5O-riuQUGlMkotou5ig==

GET
H2 200 logo-infoq_ver2.png
img.pointtown.com/pc/img/exchange/logo/ 17 KB
17 KB 62ms
53ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-infoq_ver2.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3ff0dd59e5073e63dbf7b6bd5d11242d1ff27e279be9a2c8026de54ac434b8c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 07:49:42 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 33598
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 17166
x-amz-cf-id: E5YuokvmCH0t8JIDwmNOyCapLVLNxql_IJZD2X6dMAZFs3rh4GigNA==

GET
H2 200 logo-amex.png
img.pointtown.com/pc/img/exchange/logo/ 14 KB
14 KB 83ms
73ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/exchange/logo/logo-amex.png?ver2
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 8f397d4bc89f4ffacb1082386934665b0825d64c1864e4ca4895c1e28da6137f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 07:49:42 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 33598
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 14163
x-amz-cf-id: GZbTKGTt3GgQaBQV6b_9-s1YgTk9ca5wzF3-jXGRrA0qce3TMjep0Q==

GET
H2 200 validation.js Show response
www.pointtown.com/pc/dist/js/exchange/ 2 KB
1 KB 13ms
13ms Script
application/javascript 45.60.1.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pointtown.com/pc/dist/js/exchange/validation.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.176 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: c15ddad8ddf1d3fbefe596f610ccd48861370769456835c38134719da8eb9cec

Request headers

:path: /pc/dist/js/exchange/validation.js
pragma: no-cache
cookie: vu=dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0; cref=http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex; cunibr=OLiZJOHjf3J; JSESSIONID=3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04; visid_incap_1652102=LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5; nlbi_1652102=5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng; incap_ses_1309_1652102=FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==; _ga=GA1.2.1374866761.1633799379; _gid=GA1.2.223457300.1633799379; _qg_fts=1633799379; QGUserId=1124769015857542; _qg_pushrequest=true; _qg_cm=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.pointtown.com
referer: https://www.pointtown.com/ptu/exchange/index
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/ptu/exchange/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
content-encoding: gzip
last-modified: Fri, 08 Oct 2021 09:38:40 GMT
x-cdn: Imperva
etag: "886ee725"
content-type: application/javascript
x-iinfo: 14-89714069-89713648 2cNN RT(1633799379923 0) q(0 0 0 -1) r(0 0) U1
content-length: 929

GET
H2 200 icon-instagram-friend.png
img.pointtown.com/sp/img/sns/ 2 KB
3 KB 53ms
44ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/sp/img/sns/icon-instagram-friend.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: beccf0b1d2de9e9bd905ca3a5879e86aef630e99e6189c073a025ed9f7dcd6fc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 02:56:41 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 483179
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2532
x-amz-cf-id: KQd6vdf805qChR0fJGmsxHeTapj8ad3WNEa6ikuF0YSlOosY23A8fQ==

GET
H2 200 icon-twitter.png
img.pointtown.com/sp/img/sns/ 1 KB
1 KB 83ms
74ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/sp/img/sns/icon-twitter.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d1763b6b8c0c257b50eb8d68290cd3093b2765e0c2a3497319e5d0f646ad407d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 02:56:41 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 483179
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1170
x-amz-cf-id: 28dCHDd2gjhZZJhy5aSe_gzAuLahZ2no6R61IHgTUadf6X6d8YZHsQ==

GET
H2 200 icon-facebook.png
img.pointtown.com/sp/img/sns/ 2 KB
2 KB 55ms
46ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/sp/img/sns/icon-facebook.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d2aca5bef3584995bd72287db06d8ee313b6e44e10b2555d18c74da063a6ccfd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:47:00 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 354160
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1821
x-amz-cf-id: 8Q5oQZIRwE1JOzRI5thZ10yOE3kivML7xYjYxhrYEgsNAPznRMPsWQ==

GET
H2 200 icon-lineofficial-friend.png
img.pointtown.com/sp/img/sns/ 1 KB
2 KB 83ms
74ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/sp/img/sns/icon-lineofficial-friend.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: cdffd128506955a2add72e28ef4f901c6866a47fd6a0e3bed1d08edf4a5be25b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:47:00 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 354160
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1344
x-amz-cf-id: W6xM7ABckPVt7B9aveFK5toQ6kAmJ9fISG_4qWEpH1Us3rwcGPzpAg==

GET
H2 200 btn-android.png
img.pointtown.com/pc_ver2/vender/app-store-bnr/ 15 KB
15 KB 58ms
50ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc_ver2/vender/app-store-bnr/btn-android.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d44d620eea3ff8eeb60c5328ecbc5b00ee6a37e5354184e71120fb7cdc64b3e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 13:27:34 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 186125
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 15463
x-amz-cf-id: S4SzHG6-PENU0NDFC3o1OeVGebkhhp9QvvJLlosb9w-3DlQOZk6F7Q==

GET
H2 200 icon_qr_android.gif
img.pointtown.com/image/page/lp/renew_lp/ 2 KB
2 KB 66ms
58ms Image
image/gif 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/image/page/lp/renew_lp/icon_qr_android.gif
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: cc285af9086c6728dad1d1dfd23e1db87c0db1fe761f894021d0d2d8d125f038

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 19:08:35 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:12:59 GMT
server: Apache
age: 79265
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1576
x-amz-cf-id: M06frjn2Iv8_wtmQIJqTQUSIsPZwjuHrsO8nEJqVlGQa8qUGZLJj9A==

GET
H2 200 btn-ios.png
img.pointtown.com/pc_ver2/vender/app-store-bnr/ 12 KB
13 KB 79ms
70ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc_ver2/vender/app-store-bnr/btn-ios.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 9de66fc6de107331d90cb0d82cbf8cac5eeaca0c9321a0b2553942ddb3a57299

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 16:05:34 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 176646
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 12589
x-amz-cf-id: me-dmjR51nLEH3nKVophxHquRF-sgjcffLeZPHek_sbQ5k07Ox67JQ==

GET
H2 200 icon_qr_ios.gif
img.pointtown.com/image/page/lp/renew_lp/ 2 KB
2 KB 58ms
50ms Image
image/gif 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/image/page/lp/renew_lp/icon_qr_ios.gif
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 1398f9b764e8dc4170c8d929fd94aaefd1fc2e1855efdc7774ddd8b43ae51894

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 02:56:41 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:12:59 GMT
server: Apache
age: 483179
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1576
x-amz-cf-id: 4YGFZNeuMeDqfHSSEHxJIKFh4gmwCFZo3PyiPnanO6DrAwA2-YJ4bw==

GET
H2 200 bnr-yakusoku.png
www.pointtown.com/pc/img/common/ 1 KB
1 KB 17ms
9ms Image
image/png 45.60.1.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pointtown.com/pc/img/common/bnr-yakusoku.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.176 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: bb974e04e42ba2843f28402f78c6c877f10ad6fbdbe006598ac34998f9eb15aa

Request headers

:path: /pc/img/common/bnr-yakusoku.png
pragma: no-cache
cookie: vu=dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0; cref=http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex; cunibr=OLiZJOHjf3J; JSESSIONID=3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04; visid_incap_1652102=LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5; nlbi_1652102=5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng; incap_ses_1309_1652102=FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==; _ga=GA1.2.1374866761.1633799379; _gid=GA1.2.223457300.1633799379; _qg_fts=1633799379; QGUserId=1124769015857542; _qg_pushrequest=true; _qg_cm=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.pointtown.com
referer: https://www.pointtown.com/ptu/exchange/index
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/ptu/exchange/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-iinfo: 14-89714082-0 0CNN RT(1633799379970 0) q(0 -1 -1 -1) r(0 -1)
date: Sat, 09 Oct 2021 17:09:39 GMT
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
x-cdn: Imperva
etag: "ed0d2439"
content-length: 1252
content-type: image/png

GET
H2 200 jipc_2016.gif
img.pointtown.com/pc/img/common/ 10 KB
10 KB 65ms
57ms Image
image/gif 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/common/jipc_2016.gif
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e65077b9f98ed3432e0878f87dbfdd4358108111dcc6ec44ddefe19d1c85c0e6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 23:27:19 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 495741
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10000
x-amz-cf-id: hDT1isF9kYEVkcajXNxJu3doHMK5Ws6ovDDMFEDeO-osNVFe0_k4Gg==

GET
H2 200 stop_540x249.png
img.pointtown.com/pc/img/common/ 57 KB
57 KB 67ms
59ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/common/stop_540x249.png
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 02:12:47 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 226613
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 58080
x-amz-cf-id: trkqUh07kfoJiM7IqP-gQ9kowpSZuhCZkw9dbeawoPClJ1BWQsPhFg==

GET
H2 200 intersection-observer.js Show response
img.pointtown.com/pc/vendor/intersection-observer/ 22 KB
7 KB 14ms
3ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/vendor/intersection-observer/intersection-observer.js?v=1565244849
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 51707b58bbec62b8ba51360216e55f57968674aafccd46f8642ff25fbb1c9310

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 08:32:33 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:32:56 GMT
server: Apache
age: 203827
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 6312
x-amz-cf-id: 5XU2J92zAk5d6kjJkyw9spDAhtOIsBgJd4Fj7PymoyZ_P-DiCzkYRg==

GET
H2 200 lozad.js Show response
img.pointtown.com/pc/vendor/lozad/dist/ 5 KB
2 KB 19ms
6ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/vendor/lozad/dist/lozad.js?v=1565244849
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3a90d7200a98b9cc9e351c6142d585c797f0fb61fdf087fe49e88ab2cb39bfd9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 04:48:00 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:33:34 GMT
server: Apache
age: 130900
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1428
x-amz-cf-id: chgpn4Od3mviuiCF5PGp81xUD-whAqg21euyVJJ0dki1D2ojjo_-CQ==

GET
H2 200 ecl.js Show response
img.pointtown.com/toolbar/ 21 KB
13 KB 21ms
8ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/toolbar/ecl.js?v=1422796882
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ba7ad3820cc7327ed4365c6895d489bcb731857d9af08d7b1c144825379f54b3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 15:49:01 GMT
content-encoding: gzip
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 523239
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 12764
x-amz-cf-id: PygJX74CkFwuON7A4uex6wWKrkfViN5AkZ-u4DlZ6xFMrXK3DzF7XQ==

GET
H2 200 app.js Show response
img.pointtown.com/pc/dist_ver2/js/ 3 KB
1 KB 20ms
6ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist_ver2/js/app.js?v=1519180233
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f017e2bdbd49874f1f43cdbc6de927af1eeec6effbc40ad6a546a2b6e0bfb9e1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 08:32:33 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:32:41 GMT
server: Apache
age: 203827
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1146
x-amz-cf-id: WJ5IqyRq75Jxqa8PQx8Ze7V-DWriFqpsBFahzdB9QHIeSde0H5LQbg==

GET
H2 200 common.js Show response
img.pointtown.com/pc/dist_ver2/js/common/ 8 KB
3 KB 21ms
8ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist_ver2/js/common/common.js?v=1595380950
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 3faef3ab24f899e7da9b111647730472eba2f691ac3f81b6aafdbb8c64470bde

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 13:21:38 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:32:45 GMT
server: Apache
age: 445682
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 2377
x-amz-cf-id: FIMsQiCAWeomkKYr_2IzCZAjX2u7A7nnbwZedXDWyKkq0LL94_xibA==

GET
H2 200 jquery.cookie.js Show response
img.pointtown.com/js/ 668 B
753 B 91ms
78ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/js/jquery.cookie.js?v=1538013847
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d6efd723a3dfa7d6e940db90915ee1516df1c4e153aae58603f3f7002588ea11

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 21:27:09 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:32:49 GMT
server: Apache
age: 330151
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 388
x-amz-cf-id: CI5upx4xbFQPgv-emwxB4a6sjtwDW_4eaL6PPi5TkMAeN4eAdY666w==

GET
H2 200 slick.min.js Show response
img.pointtown.com/pc/vendor/slick-carousel/slick/ 42 KB
10 KB 21ms
9ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/vendor/slick-carousel/slick/slick.min.js?v=1520322737
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sun, 03 Oct 2021 02:43:11 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 03:36:24 GMT
server: Apache
age: 570389
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 10336
x-amz-cf-id: VfG2XD10Qdjs0Fi4VNgADSpWcSEx_GV7OhaKt4YaRnAG7zTtpGXwrQ==

GET
H2 200 slider.js Show response
img.pointtown.com/pc/dist_ver2/js/common/ 4 KB
2 KB 23ms
8ms Script
application/javascript 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/dist_ver2/js/common/slider.js?v=1526502448
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 9092d51e36d7ac45e785403e1c27f0635e10bec47c1b0e4a077832ca16640a72

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 02:56:41 GMT
content-encoding: gzip
last-modified: Fri, 01 Oct 2021 03:35:35 GMT
server: Apache
age: 483179
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 1571
x-amz-cf-id: 5x4aIt4mnSlM4_yZZ0AlG7uLnyRYUbL-8wFlwS2w185j24a22loCIA==

GET
H2 200 slick.css
img.pointtown.com/pc/vendor/slick-carousel/slick/ 2 KB
925 B 24ms
9ms Stylesheet
text/css 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://img.pointtown.com/pc/vendor/slick-carousel/slick/slick.css?v=1520322737
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Thu, 07 Oct 2021 18:53:15 GMT
content-encoding: gzip
last-modified: Mon, 04 Oct 2021 05:33:34 GMT
server: Apache
age: 166585
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 569
x-amz-cf-id: OeE_J508jdP2PQ3RNiK0NAtD6hIwF3-SUWQSadTgXP1OZbMXtbpcbg==

GET
H2 200 conversion.js Show response
www.googleadservices.com/pagead/ 45 KB
18 KB 77ms
38ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion.js

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c4785de28130c31a872de32d771ad9b5d7f0eeb88418fdbb3b31c095ae78f52f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17603
x-xss-protection: 0
server: cafe
etag: 16706847242650793696
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 09 Oct 2021 17:09:40 GMT

GET
H2

200

5619 Show response
ut.rd.linksynergy.com/js/
Redirect Chain

https://jp-tags.mediaforge.com/js/5619/
https://ut.rd.linksynergy.com/js/5619

16 KB
16 KB

246ms
218ms

Script
text/html

34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.rd.linksynergy.com/js/5619
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: b3be43e9895d8534ef76aaa72ec0b25fb839658f9032595e99f823622fcb439b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 google
last-modified: Sat, 09 Oct 2021 17:09:40 GMT
x-samesite: secure
cache-control: max-age=2592000, no-cache
accept-ranges: bytes
content-type: text/html
alt-svc: clear
content-length: 16378
expires: Fri, 08 Oct 2021 22:01:20 GMT

Redirect headers

location: https://ut.rd.linksynergy.com/js/5619
date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 google
alt-svc: clear
content-length: 72
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK script.min.js Show response
cache.img.gmo.jp/gmo/header/ 28 KB
9 KB 97ms
9ms Script
application/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.img.gmo.jp/gmo/header/script.min.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: f48741cbb963ac52af710cabc65acee72eadefe44f08e4b47a25a675ac09992d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:40 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Oct 2021 07:31:59 GMT
Server: PWS/8.3.1.0.8
Age: 6379
ETag: "709a-5cd81e888ff92"
X-Ws-Request-Id: 6161ccd4_PSdgflkfFRA2po7_28744-56379
Content-Type: application/javascript
Via: 1.1 PSrbJP1ez85:10 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA2sg74:15 (W)
Cache-Control: max-age=7200, public
Transfer-Encoding: chunked
X-Px: ht PSdgflkfFRA2sg74FRA
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 403 a.js
a.t.webtracker.jp/js/ 0
0 1253ms
239ms Script
text/html 34.107.220.231
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://a.t.webtracker.jp/js/a.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.220.231 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 231.220.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H/1.1 200
OK script.min.js Show response
cache.img.gmo.jp/gmo/footer/ 16 KB
5 KB 104ms
16ms Script
application/javascript 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.img.gmo.jp/gmo/footer/script.min.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 8dac7d60435176261e7ba763fae4212b7f53907b287a2307d5de147762ffe6c6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:40 GMT
Content-Encoding: gzip
Last-Modified: Wed, 06 Oct 2021 02:10:59 GMT
Server: PWS/8.3.1.0.8
ETag: "4050-5cda5a8426f08"
X-Ws-Request-Id: 6161ccd4_PSdgflkfFRA2po7_31259-1264
Content-Type: application/javascript
Via: 1.1 PSrbJP1ez85:9 (W), 1.1 PSdgflkfFRA1bc200:5 (W), 1.1 PSdgflkfFRA2mu72:12 (W)
Cache-Control: max-age=7200, public
Transfer-Encoding: chunked
X-Px: ht PSdgflkfFRA2mu72FRA
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 _Incapsula_Resource Show response
www.pointtown.com/ 152 KB
22 KB 25ms
18ms Script
application/javascript 45.60.1.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pointtown.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=598612786
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.176 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 5f8e256e90f2d850f0af3ad460cdf5746c01802b703289222b99b11658f0775e

Request headers

:path: /_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=598612786
pragma: no-cache
cookie: vu=dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0; cref=http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex; cunibr=OLiZJOHjf3J; JSESSIONID=3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04; visid_incap_1652102=LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5; nlbi_1652102=5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng; incap_ses_1309_1652102=FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==; _ga=GA1.2.1374866761.1633799379; _gid=GA1.2.223457300.1633799379; _qg_fts=1633799379; QGUserId=1124769015857542; _qg_pushrequest=true; _qg_cm=1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.pointtown.com
referer: https://www.pointtown.com/ptu/exchange/index
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/ptu/exchange/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 22163
content-type: application/javascript

GET
H2 200 analytics.js Show response
analytics.karakuri.ai/v1/ 81 KB
27 KB 63ms
28ms Script
text/javascript 13.32.29.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.karakuri.ai/v1/analytics.js
Requested by: Host: pointtown.karakuri.ai
URL: https://pointtown.karakuri.ai/api/chats/popup.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-123.fra56.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: 581ee406dafb31a0ac624c7936b06794993ee4593f1d3d5793a6453a458e05a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:02:49 GMT
content-encoding: gzip
server: awselb/2.0
age: 411
vary: Accept-Encoding
x-edge-origin-shield-skipped: 0
content-type: text/javascript
via: 1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: qdIo-zESiJafd7O4yX5WvYlHJLQJN7IDD8bHm4GYPYBBm3SpYJPvyQ==

GET
H2 200 action Show response
pointtown.karakuri.ai/api/ 1 KB
1 KB 52ms
25ms XHR
application/json 143.204.209.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://pointtown.karakuri.ai/api/action

Requested by

Host: pointtown.karakuri.ai
URL: https://pointtown.karakuri.ai/api/chats/popup.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.209.38 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-209-38.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

c0c74832c7e402c092ccb3789dcd2407e52ea661c59c612d63d186c830c02200

Security Headers

Name	Value
Content-Security-Policy	default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security	max-age=15552000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.pointtown.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src 'self';base-uri 'self';block-all-mixed-content;font-src 'self' https: data:;frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: none
age: 46
x-dns-prefetch-control: off
x-cache: Hit from cloudfront
date: Sat, 09 Oct 2021 17:08:54 GMT
vary: Accept-Encoding
x-xss-protection: 0
access-control-allow-origin: *
referrer-policy: no-referrer
server: nginx
x-frame-options: SAMEORIGIN
etag: W/"445-qkNG41N/RJK42WrEymBWCZEJqyw"
expect-ct: max-age=0
strict-transport-security: max-age=15552000; includeSubDomains
x-download-options: noopen
content-type: application/json; charset=utf-8
via: 1.1 960a66a5b9d832814160983d391e997c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: jnjt3z42fj6PbJDQzZ3Fgb7EZV3QHcQ9CAV6iphfqwcmego7pcotkg==

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 122ms
38ms Script
application/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:58:43 GMT
content-encoding: gzip
age: 656
x-edge-origin-shield-skipped: 0
x-cache: Hit from cloudfront
timing-allow-origin: *
server: Server
x-amz-rid: 0CSXTM1WD9Z8A2WDZBS1
etag: e2b905aea413c4d7479fb2bb9cbc6c65
vary: Accept-Encoding
x-amz-version-id: zTpXqDhrs..xkKPVKkqB8HVtw0cnTzHi
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: CMcIsAL3qqv-lHhnDHmBB9InpIPiW81DrmZDxo517jFC1rqy89_17w==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 47ms
17ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25967
x-xss-protection: 0
pragma: public
x-fb-debug: qL1/ZmntkFFQZlJ0A1TnKOWQrFdd928WanPpgJf2GASIoUbzU/pJvvZSYU9Et90fN56ayD3ndk2T1zY0bnSvug==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Sat, 09 Oct 2021 17:09:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lib.min.js Show response
s.dc-tag.jp/ 13 KB
13 KB 476ms
10ms Script
application/javascript 2600:9000:214f:f800:8:20a4:6400:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.dc-tag.jp/lib.min.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:f800:8:20a4:6400:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: cc5b96d9c0c9e330adc0f383e242040e6c3e570cd084b4ce49b8e7dac77e6174

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Sat, 09 Oct 2021 16:22:26 GMT
via: 1.1 2d1e1e8dc0f3eb7773ec9d89a7d50ce2.cloudfront.net (CloudFront)
last-modified: Wed, 10 Mar 2021 06:05:06 GMT
server: AmazonS3
age: 6250
etag: "13290d72851e008d8c2dc8d4afea6ec8"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=3600, private
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 13409
x-amz-cf-id: -6lM07FxojrCNejRCVAu2jVrYXr59EOwTRlYEfcgvXZoCS7391NHUQ==

GET
H2 200 rakuten.png
img.pointtown.com/pc/img/shopping/common/shop-icon/ 34 KB
34 KB 73ms
67ms Image
image/png 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/pc/img/shopping/common/shop-icon/rakuten.png
Requested by: Host: img.pointtown.com
URL: https://img.pointtown.com/pc/dist_ver2/css/app.css?v=1630029219
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: f3c2f272b4bb3a71409dd7ef400c15e01c560fd1966220bad4cfab3487986ca6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://img.pointtown.com/pc/dist_ver2/css/app.css?v=1630029219
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 04 Oct 2021 01:46:48 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 06 Oct 2020 09:13:02 GMT
server: Apache
age: 487372
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 34494
x-amz-cf-id: SAl--gyGRfFNDhjQC6bke8UcX0o5YFsuZvs-tUu67nqT0wEBvXGFmg==

GET
H2 200 YakuHanJPs-Regular.woff2
cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/fonts/YakuHanJPs/ 3 KB
3 KB 104ms
35ms Font
font/woff2 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/fonts/YakuHanJPs/YakuHanJPs-Regular.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b2dd1d6a2411500d1f8ce0c5f79c34d3a30a38331269301f1efc85c8c3a8507d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css
Origin: https://www.pointtown.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 932488
x-jsd-version: 3.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3024
x-served-by: cache-fra19146-FRA, cache-mxp6922-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"bd0-OVa2ZUxbVMFsO2pvu4BN3rWUTWk"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 69b937d07ede5a1f-MXP

GET
H2 200 YakuHanJPs-DemiLight.woff2
cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/fonts/YakuHanJPs/ 3 KB
3 KB 105ms
37ms Font
font/woff2 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/fonts/YakuHanJPs/YakuHanJPs-DemiLight.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4a4d6c34e73e515d199f3bd0642480dcbb80e7729c64a570ada6bb9b99d0153

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css
Origin: https://www.pointtown.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 896060
x-jsd-version: 3.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3108
x-served-by: cache-fra19120-FRA, cache-mxp6924-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c24-kjlPn5az1gy+7SUH6A1wUEP15SU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 69b937d07ee45a1f-MXP

GET
H2 200 YakuHanJPs-Bold.woff2
cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/fonts/YakuHanJPs/ 3 KB
4 KB 101ms
33ms Font
font/woff2 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/fonts/YakuHanJPs/YakuHanJPs-Bold.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

03571f8dee609155fdacb1a46e1f5667472674de39f9c4070098c6f4a5da23e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css
Origin: https://www.pointtown.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 856680
x-jsd-version: 3.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3128
x-served-by: cache-fra19140-FRA, cache-mxp6956-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"c38-dGikIC+0T/LDUBRRH57JOyBOKsU"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 69b937d07ee75a1f-MXP

GET
H2 200 YakuHanJPs-Medium.woff2
cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/fonts/YakuHanJPs/ 3 KB
3 KB 104ms
36ms Font
font/woff2 2606:4700::6810:5614
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/fonts/YakuHanJPs/YakuHanJPs-Medium.woff2

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5614 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

98e6a500c643be161caeaa733cc390d13284e798fd3c6c42e1445d710fc4bcd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/yakuhanjp@3.0.0/dist/css/yakuhanjp_s.min.css
Origin: https://www.pointtown.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1420340
x-jsd-version: 3.0.0
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 3064
x-served-by: cache-fra19132-FRA, cache-mxp6971-MXP
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"bf8-IiG328ivMgKWcCbCkQDxNHWDFlw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
cf-ray: 69b937d07ee95a1f-MXP

GET
H2 200 pubads_impl_2021100401.js Show response
securepubads.g.doubleclick.net/gpt/ 344 KB
120 KB 20ms
19ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

sffe /

Resource Hash

7770fb287496ea4c36d2ac2f7ee6200008b73da0ec061c4d7e6d7a591df92fd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 122419
x-xss-protection: 0
last-modified: Mon, 04 Oct 2021 08:37:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 09 Oct 2021 17:09:40 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 92 B
109 B 53ms
37ms XHR
application/json 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pointtown.com

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

5d4378f2cdc0b3e1796b1fba88c50d3a0a49ceb637a5980fbb4f81ac6b155962

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Oct 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84
x-xss-protection: 0
expires: Sat, 09 Oct 2021 17:09:40 GMT

GET
H2 200 9781.jpg
img.pointtown.com/img/exchange/product/202104/ 39 KB
40 KB 12ms
11ms Image
image/jpeg 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/img/exchange/product/202104/9781.jpg
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: a3a7f026c820b65a76c6c5a283a64a3c5f9c3ab89ff8243f9e3ef457795ad9b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 05 Oct 2021 14:12:03 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 12:20:44 GMT
server: Apache
age: 356257
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 40405
x-amz-cf-id: Cj8BgX5qXhlPP9XaStq0CY1Ii0HjH1HFSiU-9vkPEX3TftoN1qkrYg==

GET
H2 200 100024.jpg
img.pointtown.com/img/exchange/product/202104/ 83 KB
84 KB 43ms
43ms Image
image/jpeg 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/img/exchange/product/202104/100024.jpg
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: d4fca7924f9afa97353d74e7830ace05ae30cdf0953996e7f33bc3d9cb9ae8b1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 09:11:07 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 12:20:44 GMT
server: Apache
age: 28713
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 85461
x-amz-cf-id: PYe-zVMb07L5XuONtX7WCO5fdcZG-khHJLGxtA7VZjzMClDnU5Ioxg==

GET
H2 200 100148.jpg
img.pointtown.com/img/exchange/product/202104/ 191 KB
191 KB 19ms
19ms Image
image/jpeg 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/img/exchange/product/202104/100148.jpg
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: ab9b371a0e64a356d81db16e65a208a1d63975b4fc549734c28fd936f17c1f55

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 09:11:07 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 12:20:44 GMT
server: Apache
age: 28713
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public, max-age=864000
x-amz-cf-pop: FRA56-C1
accept-ranges: bytes
content-length: 195172
x-amz-cf-id: iDlw0SZAP7NL23b5nGtuc1nipnxNtNekyRQmkvfdexAzzFSHo7HXYg==

GET
H2 200 8826.jpg
img.pointtown.com/img/exchange/product/202104/ 366 KB
367 KB 498ms
497ms Image
image/jpeg 2600:9000:206f:3e00:1d:253d:9ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pointtown.com/img/exchange/product/202104/8826.jpg
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:3e00:1d:253d:9ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: 6abf325c14b586988e2113fdf7a1817774672117eebb385727d6f080f1ff2133

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
via: 1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
last-modified: Tue, 20 Apr 2021 12:20:44 GMT
server: Apache
x-amz-cf-pop: FRA56-C1
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: public, max-age=864000
accept-ranges: bytes
content-length: 374522
x-amz-cf-id: 4ib2r7gp6sTQGXwoXaabzLdbx2MPgEzytI7jL9y9eGJ_mm0_8x83aw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/871713918/ 3 KB
2 KB 63ms
26ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/871713918/?random=1633799380713&cv=9&fst=1633799380713&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&tiba=%E3%83%9D%E3%82%A4%E3%83%B3%E3%83%88%E3%82%B5%E3%82%A4%E3%83%88%E3%81%A7%E3%81%8A%E5%B0%8F%E9%81%A3%E3%81%84%E3%82%92%E7%A8%BC%E3%81%90%E3%81%AA%E3%82%89%E3%83%9D%E3%82%A4%E3%83%B3%E3%83%88%E3%82%BF%E3%82%A6%E3%83%B3%20byGMO&hn=www.googleadservices.com&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

47c1922a0a583d32b54d29bffbd4d3f85a69cb7614b9af8c231da41107c78aa2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1085
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 config Show response
analytics.karakuri.ai/v1/ 270 B
589 B 28ms
8ms XHR
text/json 13.32.29.123
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.karakuri.ai/v1/config?trackingId=krkr-5fd244b76fccfc0012a9fb3f
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.29.123 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-29-123.fra56.r.cloudfront.net
Software: awselb/2.0 /
Resource Hash: 962a59e4144305a4dc3dbc341f78daba2cc339f90dbd1adc0248201f8a59066d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:52:43 GMT
via: 1.1 3acba66e95e31977aee0842f44a6f08e.cloudfront.net (CloudFront)
server: awselb/2.0
age: 1017
x-edge-origin-shield-skipped: 0
content-type: text/json
access-control-allow-origin: *
cache-control: max-age=3600, public
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-C2
content-length: 270
x-amz-cf-id: wikx_NGhmANhAbP9h-8Su0OOwTwZjMVJRUTqaQduopOfB5eQqV6qMw==

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
328 B 374ms
373ms XHR
text/plain 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&pubid=78d175db-21fb-43a8-906b-0ef8aa15087f
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
server: Server
x-edge-origin-shield-skipped: 0
x-cache: Miss from cloudfront
access-control-allow-origin: https://www.pointtown.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: 7x3d70y6LdobndDjZ-62Q1MRwQagKoGzeFq7oEnmSBLFpnhFQsUqoQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
493 B 51ms
50ms XHR
text/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&pid=m0kv3kTORGQYg&cb=0&ws=1600x1200&v=7.69.01&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_header_728x90%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_footer%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_rectangle_bottom_right%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_bbs_tab_native%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptsp_upper_triangular_lot_native%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_minigame_300x250%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_mypage_middle%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_promotion_enquete_300x250%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_mainichiP_header_728x90%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptsp_mainichiP_middle_728x90%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_service_top_footer%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_enquete_middle_728x90%22%7D%2C%7B%22sd%22%3A%2212%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_kuji_footer%22%7D%2C%7B%22sd%22%3A%2213%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_kuji_header%22%7D%2C%7B%22sd%22%3A%2214%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_lottery_upper_728x90%22%7D%2C%7B%22sd%22%3A%2215%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_mailbox_728_90%22%7D%2C%7B%22sd%22%3A%2216%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_pointquestion_468x60%22%7D%2C%7B%22sd%22%3A%2217%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_bbs_728x90%22%7D%2C%7B%22sd%22%3A%2218%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_bbs_superbanner%22%7D%2C%7B%22sd%22%3A%2219%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_lottery_upper_728x90%22%7D%2C%7B%22sd%22%3A%2220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F47908983%2Fptpc_rectangle_upper_right%22%7D%5D&pubid=78d175db-21fb-43a8-906b-0ef8aa15087f&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.21.201 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-21-201.fra56.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
x-amz-rid: GSAM3ZF1V0B076XM3331
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.pointtown.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: ICc-HOUcg--7lWeHSOcXs0NO-RimUrV7HJJUVdOOykvYZjS9-oRGCw==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
9ms XHR
application/javascript 13.32.21.201
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.21.201 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-21-201.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 49790
x-edge-origin-shield-skipped: 0
access-control-max-age: 3000
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Sat, 09 Oct 2021 04:00:28 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 aff6ac5c98fa897349204752e5877c81.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA56-C2
x-amz-cf-id: HuLzKnE8GGBiS_nFDe2q-hhmNua-XrOX_3aVD7qdi4ok1pdAfeGKMA==

GET
H2 200 1472730169463801 Show response
connect.facebook.net/signals/config/ 489 KB
144 KB 66ms
65ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1472730169463801?v=2.9.47&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

36dcf389b964b72596d70dd499749417f143a56d576aff13b492ce5dc77371b4

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: VEloqjclEryVA/nr5iqVqUrhSWRAgma15x6TEkFcsvDIuaZu54eH7Q0f9wBtb6C8YcPwpk2swE804qchOryxKQ==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sat, 09 Oct 2021 17:09:40 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/871713918/ 42 B
569 B 64ms
25ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/871713918/?random=1633799380713&cv=9&fst=1633798800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&tiba=%E3%83%9D%E3%82%A4%E3%83%B3%E3%83%88%E3%82%B5%E3%82%A4%E3%83%88%E3%81%A7%E3%81%8A%E5%B0%8F%E9%81%A3%E3%81%84%E3%82%92%E7%A8%BC%E3%81%90%E3%81%AA%E3%82%89%E3%83%9D%E3%82%A4%E3%83%B3%E3%83%88%E3%82%BF%E3%82%A6%E3%83%B3%20byGMO&fmt=3&is_vtc=1&random=4085150206&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/871713918/ 42 B
569 B 66ms
26ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/871713918/?random=1633799380713&cv=9&fst=1633798800000&num=1&guid=ON&eid=375603260&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&tiba=%E3%83%9D%E3%82%A4%E3%83%B3%E3%83%88%E3%82%B5%E3%82%A4%E3%83%88%E3%81%A7%E3%81%8A%E5%B0%8F%E9%81%A3%E3%81%84%E3%82%92%E7%A8%BC%E3%81%90%E3%81%AA%E3%82%89%E3%83%9D%E3%82%A4%E3%83%B3%E3%83%88%E3%82%BF%E3%82%A6%E3%83%B3%20byGMO&fmt=3&is_vtc=1&random=4085150206&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:40 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
aiqua-sdk.c.appier.net/aiqua/web/2446c4ba0c232e79a229/data/ 0
311 B 167ms
166ms XHR
application/json 52.76.182.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/2446c4ba0c232e79a229/data/
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.182.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-182-76.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pointtown.com/
Accept-Language: de-DE,de;q=0.9
Package-Name: www.pointtown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.pointtown.com
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 0

OPTIONS
H2 200 /
aiqua-sdk.c.appier.net/aiqua/web/2446c4ba0c232e79a229/data/ Frame 0
0 557ms
165ms Preflight
application/json 54.251.50.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/2446c4ba0c232e79a229/data/
Protocol: H2
Server: 54.251.50.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-50-59.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,package-name
Origin: https://www.pointtown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
content-type: application/json
content-length: 0
cache-control: max-age=604800
access-control-max-age: 604800
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.pointtown.com
server: Jetty(9.3.9.v20160517)

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 76ms
24ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pointtown.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Oct 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 60ms
24ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pointtown.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Oct 2021 17:09:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 29 KB
13 KB 365ms
365ms XHR
text/plain 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3249395265651571&correlator=589855878222742&output=ldjh&impl=fifs&eid=44749397&vrg=2021100401&ptt=17&sc=1&sfv=1-0-38&ecs=20211009&iu_parts=47908983%2Cptpc_header_728x90%2Cptpc_footer&enc_prev_ius=%2F0%2F1%2C%2F0%2F2&prev_iu_szs=728x90%2C728x90&prev_scp=ad_h%3D17%26ad_group%3Dad_ex3%26amznbid%3D2%26amznp%3D2%7Cad_h%3D17%26ad_group%3Dad_opt%26amznbid%3D2%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1633799380&dt=1633799380810&dlt=1633799378339&idt=2436&frm=20&biw=1600&bih=1200&oid=2&adxs=292%2C429&adys=10%2C3865&adks=808753895%2C3944106491&ucis=1%7C2&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&vis=1&dmc=8&scr_x=0&scr_y=0&psz=965x90%7C1600x90&msz=728x-1%7C728x-1&ga_vid=1374866761.1633799379&ga_sid=1633799381&ga_hid=225482404&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=0%7C1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

b70d605149de85cfa97f786b1647e45720d97ec345028069905055b727d2c22e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13645
x-xss-protection: 0
google-lineitem-id: -1,-1
pragma: no-cache
server: cafe
google-creative-id: -1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pointtown.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame ACD7 6 KB
4 KB 74ms
21ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pointtown.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 09 Oct 2021 17:09:40 GMT
expires: Sun, 09 Oct 2022 17:09:40 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 /
www.facebook.com/tr/ 44 B
425 B 25ms
7ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1472730169463801&ev=PageView&dl=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&rl=&if=false&ts=1633799380872&sw=1600&sh=1200&v=2.9.47&r=stable&ec=0&o=30&fbp=fb.1.1633799380871.483041284&it=1633799380747&coo=false&exp=p1&rqm=GET

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:40 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Sat, 09 Oct 2021 17:09:40 GMT

GET
H2 204 pixel Show response
ad.yieldmanager.com/ 0
367 B 79ms
22ms Script
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.yieldmanager.com/pixel?id=2237487&t=1

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://20626465p.rfihub.com/ca.gif?rb=15273&ca=20626465&ra=63423109
https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=NTE0MjMzNjcxODQ1MTI1MzA4MA==&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D1349...
https://a.rfihub.com/cm?pub=445&in=0&forward=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D13490%26nid%3D2596%26put%3D5142336718451253080https%253A%252F%252Fib.adnxs.com%252Fsetuid%253Fent...
https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336718451253080https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336718451253080

0
239 B

34ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336718451253080https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336718451253080
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=5142336718451253080https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D18%26code%3D5142336718451253080
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

POST
H2 200 10040 Show response
t.dc-tag.jp/post/ 12 B
449 B 1450ms
355ms Fetch
application/json 2406:da14:9ab:eb00:a656:c6e4:eb32:a5a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://t.dc-tag.jp/post/10040
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2406:da14:9ab:eb00:a656:c6e4:eb32:a5a1 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8e99ab7bc3c433795138b09e71a29e36853306303f5016b946e2a00333d26c66

Request headers

Accept: application/json
Referer: https://www.pointtown.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=utf-8

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
x-privacy: {'GB'}
access-control-max-age: 63072000
access-control-allow-methods: None
content-type: application/json
access-control-allow-origin: https://www.pointtown.com
cache-control: private, no-store, no-cache, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: *
content-length: 12
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 container.html Show response
d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C47 6 KB
3 KB 315ms
14ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pointtown.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 09 Oct 2021 17:09:40 GMT
expires: Sun, 09 Oct 2022 17:09:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 container.html Show response
d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 29FC 6 KB
3 KB 312ms
15ms Document
text/html 2a00:1450:4001:803::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pointtown.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin: *
content-length: 3108
date: Sat, 09 Oct 2021 17:09:40 GMT
expires: Sun, 09 Oct 2022 17:09:40 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 / Show response
www.facebook.com/tr/ Frame E555 0
109 B 8ms
7ms Document
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

:method: POST
:authority: www.facebook.com
:scheme: https
:path: /tr/
content-length: 2968
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
origin: https://www.pointtown.com
content-type: application/x-www-form-urlencoded
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pointtown.com/
accept-encoding: gzip, deflate, br
cookie: fr=0E7bh5DiNTJkr9v3K..BhYczU...1.0.BhYczU.
Upgrade-Insecure-Requests: 1
Origin: https://www.pointtown.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.pointtown.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Sat, 09 Oct 2021 17:09:41 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6DFC 624 B
369 B 30ms
27ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNXbD_1scefYoqjRpxalhEfsaZThXY5DO59qALbN4xXtTRx74X7cS8iherM2Jo860rfrnH-j4h_aj4Lp0i3Vlo4aLpIsu-mJBoy_Dhi-aMGHjUm5Qvaxjka6C5lkuqpLfmu6EcM1za3BHYqo20NWURodF-kvoTVWhjGP4j80a7yEnh_RX-8

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNXbD_1scefYoqjRpxalhEfsaZThXY5DO59qALbN4xXtTRx74X7cS8iherM2Jo860rfrnH-j4h_aj4Lp0i3Vlo4aLpIsu-mJBoy_Dhi-aMGHjUm5Qvaxjka6C5lkuqpLfmu6EcM1za3BHYqo20NWURodF-kvoTVWhjGP4j80a7yEnh_RX-8
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlmTPotaawLmxDoKCh6vqxIUYGdXc3jpUsWqg2ttXNV2SVNyD317RuUn_DcwBw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 09 Oct 2021 17:09:41 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 6C47 71 KB
28 KB 90ms
88ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmTJxp4UhgrEGfr6kanobJ75IJujYF5WvaOMc4aCkZOvM8flV4xucg0dG4dNUd4hV8CLje8bGYSg3ec9dTqeB0jLwVkemqlG48ZUer0b65rGyYfs49nDiEIsBnD3jM2vu5hSCtgCiBWLjaDvWGqPN38A1Rzg&dbm_d=AKAmf-C06iEbZf5u22H9NjE0afa73fCr3uHjQ7jTcgZ7HGqFps5Ie2G54eapetGI_1CG8Y6ykeqKfVIIxjnKKZIAItM0DiEwi0w0dwgTUNZpb-5eTPtRT9qOEpPDy0WEFAd2edPO-XF__Myr0CsL9SSAe-MlDcymtk0Ynk6GIIGm_7KHsfaJqXkw1qGszyRIchC0Lhjz_GBg8OgWAvhicQWCpHml2oEfTh2njApyyh7-gPE4Hz976whxA4_vyI4FQc9s-uYk2d0eE2kfJ5TTrJ55KqiymlWpOqE-4cAZ31R1KD6gzdfN7d5B42lLNtuAyVXadTKpW0MrwuWe4yoPao9NNjXqKwX4DriSMWqqx4IohRbQ4FZZqdApE5yHaFnXlaH2PAsgFZyxbOcwGprjuT38CCgVSwrDLbknYrhFiTfPRt-AOw8cLCAT8au6_WLYr4y3rmq0co0JlIBP38IuMxlT1fH0ZYoN_EG4MpfvOhp-rrVv-g87QVTEhSjQQBeQW3mUbn839EFGMXUm9bYs5F2_ZKeO7Tzocf_CCApJeN-Er8igXd7Ncv-LwqFlUR8Xx7m86rY_NvC5rNCfh73WLtL62m4_Z5iMN1hnKoyIvMfXDlVUv096i_uIsAjBOglp-srM4nNI6Tv-B0tsZcEWmaXTpKCCSfS8PovNbQaEhCrpB8yqC1aHc0Rug2ec_Ty4J4xpkb4dO728UIgr5w4uSt6ZpFudIO-BMAUOMIdPNi7Ru23gBYaTJ5e0w_ILqzAeuZO1XDixoolgFw_8cLGHeikaeLPO8Dmzf2q1RRYdXCmBIthl92L3zmqAGF6MGAXDAoqbjUepyQKQ77sBWNJ5wqjShKvaUcSkeQVtoKt4OpTyyeEALE_5Mb1oso2VEv1bCiDrEw5J5DRK9cclJn0jEYPo5JAptnrDrIjIyHpcjXs465ki_1Hxzm3A7UQDXu4TTQ1Mm63DU_8g9rj45ErlrDkn3D4j18-8A4qa5kITuenUcSWSTbMvdM5IggT9Eg6-xY_dOwyCPCG8RB8UwLYALbSzbMvlMIXCNe4wYzm1fRuiUNrFQSY6SN9hFUhb0uhbayo1a8xONaJ6KVKBh4t5IIRnwKLLeqhIz96y3qj9CydMgLsHDSXNW2VeMlpJmQvttxQQVX7-jRwEdJOezeiSbd_Za4GfmCZtYPc6SxSGuBoJKWnwGJeB2Yc9IlFVpv_9J1Edmgdgu8Pmdo6DZ8xTJD1XN-13qUTPswJDFHay5Y0ID2P7kH6KNwaY72VsbqyOBdayFfQ7HlnYUOzXTjYjtdF9l4cG02RUFGY0nMvSOppki6MRWrOylhWNh6qKmpWSHiccInEob-_Y1v2t4KKMv0i4l7UvsMRxICqcBZ-cjVwdsJU6R8u47gkq4tjhmHv9mMOcgANRZIvUVHb8EG3zzo_3bXBof4wnNDi9zC__PN4xgx4ThLl7FAANRT70a0XuBNVXAsheAkjbWN5FaxuJJxS0nlEgxLH8bwA9BQbzkr-U9eUe0U-CZg26UjnWN8dNCHd99Bw8cc7PBFdbN3BAOjNyoq5zGpS9X-FjpkvsWJ6z26Q2TMXFInxY7Z1E3IVnSYg6-JjwhPQyFHsUAoPHbHblJCazPyljyQumGmWZPqK5YhrLmdxBH8lnwS-9txYlKvbehXnS1jelE49U9ApiosTAFq-nzY-GFXrvY15TjbGfb-TR3mhiSnHszbJNfSS4acJyejwR00MbpO4hbwCXg2bLoaLdYwFphq7rWtrAi57HDls-h7ge1-Dbv0InYM9UJXC_uWcB7b221oLdruscEqAHafmFeOajZl64ZsmzLMm74JWR7mU2ABcLpv9D6YNAVJW0Bkua76liv2Uko3KF7DZx67ZWZ0gJi0nJ05zdyHUdHScMdAYuIfWUR0zqeJVqiUCBSS8soz49chxt3r7omOl-5hDqcg-Kb673KonD7xql9M0jBVIQQ-Ueoz0RxpcEULHUW_7zhtabDTp8QZFobna86p1upoehu-dUFa4z4rDsrZtdII3mXxrcCwKPFRoncFoUpaTUwFPciJwkR5R22EgTm1j07dCJ5jWVngTBEBb4a_HZ5PokwnXTcpuyxi-stn2J671iBROnR_o_DIvG62iPQQwQWHbopjqsNKLpdn65U2nerdz1KcGi_HoWJFrnVjCEtqAJlgkIyS4X2eotH3w9VDQeAi7h9SW3Jiqatao16KnYlaJpqAml37sdxdLtdowZcJjEOGSkEe_8_ZgiAONbuYvyZJK5I3DB8iX5Kkg0-3Otq7IA0-37c6ZtUeck2tvufAUo5n6nXkipwNSieyAJKyc_OfDkDPz2OO8uVJaQ8H_2a6loHvyI3ybPpgOr6ZnquuflmJQ3FyDnyJ5o5cYTRmm7wWc1ATTrIRK67913ASUaqL1kkD_CG0g_vFluYzUXhSmcYL8XfPMXEw615JnI0R4Zvje6s2Xhy3xXPWd4_Ca2TQ9_VVApG-hT9AeP6UMGG2vBphNqzFnX0umKgnJuflN_imLBqoPKsEx6ivyBkqWnuBTyudI_yjXMTVL3Mo1UNicFC8D_5SuJpShjS-ocjMWdQJxbqnnpuGYYBafeTwKGWKQO6IVz3lHuAWvGrOIrunpvIVGzPZELXMW8Gl-yFlx-2xLsXj-NgN2TIdv6fkFXb1X55SF_et4_8myUFRcbBpH6KOG-2G-pikizfsQhFk80AgkeD_p6AwdplLnEoQ0MNhiOwgQ6EAfuvMtKfkjFHxyJOxxpmafK5hy_0oHajkTLQ9rcZh6tSUlOokFWsGhbePTn1xfNgUHc3Mypw34KlVHOjJ_RTIc7-DpzWjMXp8jGGOF9uWH0y5D3A789dfFbwBM8HL5xj9aKWmpQ_n9pkHv30YxO2FNmdE8QJWdByQmhiAtbvxXsUah7qechUm6hi6zVWdiuokVe29-om49CM5vDNDPrSbPZ5PlpnIqZ7b3fsDgjNep_OoXsO4leHR2wjp5P0CFN-n6-tgUPYzRhBd4SIrKIg6KeFWV5nNGDNWvfCUNBZ2QJfw_pkA600Xo79INL0aVc1XwpxWQfr2lL7nHn34zLGIoxkeY9gg4uLu4MG9uB5MiyLKaLzMJPvbRL-QkM33M&cid=CAASEuRo5XYOvfgL1MVf-FlzfHeVFQ&rfl=1%2Chttps%253A%252F%252Fwww.pointtown.com%252F%240

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

60c83cdb384e027b1776929cd1409dccb57b2dbfba2a66594f70cc3ca4931d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28960
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C47 42 B
107 B 91ms
50ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Au30Oug0yd1UnB_vVPAvTeN_DmGz5aCN0kqdRSP_ywBzCDuwBpopaq01NTIj0jaS-q3Tw8Vn6IFvaPUN18eIa4uZCPGADoEaKrpbkn0A9-9xa-Kds

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 6C47 3 KB
1 KB 62ms
21ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 16:49:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C47 123 KB
38 KB 47ms
23ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Oct 2021 17:09:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 6C47 14 KB
7 KB 54ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6219
x-xss-protection: 0
server: cafe
etag: 4041254270185007295
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 17:01:22 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame AD19 624 B
340 B 30ms
28ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiJ6byiATAB&v=APEucNXjph48G8D9V6HteuujWPG1-6yFWvqKnI7irMkT4izfRLdBCnUoVSEUHPbrt4PPEPFeicNU1T6sWfQfUUiWnGtpGh1QsaHPRxfUFWoN4WizxR2pDv__o1IIwkpqnC_clGefEsc6MGpwGCu1w-NTorKIMFwJSCbbd9uFa-4YPwJSqamkW_w

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /xbbe/pixel?d=CPvjgQEQlL6EARiJ6byiATAB&v=APEucNXjph48G8D9V6HteuujWPG1-6yFWvqKnI7irMkT4izfRLdBCnUoVSEUHPbrt4PPEPFeicNU1T6sWfQfUUiWnGtpGh1QsaHPRxfUFWoN4WizxR2pDv__o1IIwkpqnC_clGefEsc6MGpwGCu1w-NTorKIMFwJSCbbd9uFa-4YPwJSqamkW_w
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
cookie: IDE=AHWqTUlmTPotaawLmxDoKCh6vqxIUYGdXc3jpUsWqg2ttXNV2SVNyD317RuUn_DcwBw
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 09 Oct 2021 17:09:41 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 29FC 77 KB
29 KB 78ms
77ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1yUjqnODL6HM_q32NL6cR11Kbem2FchYZfNtNaCwXdoeFFVP1ia4fspnTCQokQXsc4bhgZc63yLgPgeEPxG3eg2AaO9yckYsH_uwQF_G_IJMuX_kqt2fg_dQ8_ZWHefaybwfxB4uUuRUnLYzRn_qE6TVuow&dbm_d=AKAmf-AAntjGNu5o3rs_n_1n_4XtELHBK-yqO-JV-bGRmPWe9AwG9vwAxYpA78n38xia5y87Rk0E6B9fiQB2DPWXxz_pWx2kK2bYM8SfFnZ3dCIPuHBTZcaYcyoggZxzdm2EONGhyj0RvopEiIYHTo-mV-7MdaQJjU6vEQeZDvKZVd1wS2akFHpTzOlysf103pRai3EBn5yPLoqHb_HdySuXZLUAHA4HvJt6GC54EpoFprTlRsrcIA9Lwgbpe4OhuRHEXqlQFLj9c9roSfMqUCNJ54YaiZFo8uYGr0hi40bqyBI_B5IDtmxNhH0AgH6IFPFjl1sBDIwcvDLg_5IOjOBeBX-c7cDJDZR5OPe049Lj2QAHILvLAVxqvjI7CupLBJ86LnqhEY3fzBnR3uEwUGicaRTWaicwsSfnBUKvt7Q4ICIWQyx5aMGm6wm9Xpyh4JnM_4tpPWFjfauZXojpac6G5s_KYKE9UpWNqCX580dYs3Ts18X9xI2E8TJD1Jw0c2N-Fggq6g6gvonzEbQau644pnQC0kN9hdF9xrQ3Eb40gdyhqezs0IceRuqu5u3OG6LVPzcHnStQGzMXhND9fblJH1mfWZkV09aYvBpmN3gvF4sfbnZYbA8JVxp-MWAw2-QSrcarRFGl41r1fO3gfFfN-mk-m0cy0k-T89TA5eEFfZ8VlmKMrUyoLqtHOOfdKYqfSPmuWobWTVKcqF_0yasD316lh59yYIO7P4isoESVsm5y3sQqjQa8MSdNBH7b6QadD8k27Ip-vUJtMGGe3uGMKl80aFMAfWrDLNcpFEOXGFzFK_9QYhBVCWwhU8GBGHafqtWkN8zqs4xwKyc7GDcmvzIr66jaWms-ay01JTKMMHDY6vyIfIHOGzDdqgvFA-6UJcmlHO_1xR87Q0iXIjroex_F33Y6lokXS_vgTuNn2iEW80ci7G6mwC_Yky3aiBNDwzMx6oNkGTmGW6xflvqNYhV7O5D5j97z4xOAv9voBPTHG5kM41FJiNElMsxw1EdgHuLdoyLZVVcxQEtLSVYFXe9o7-3JUPWO0K3-zg7XNgOduqSJOD_xyOcVQLOEKBxgDQ02_US1lduUbqbbFe1XjriqFtYimxB-goSMMhvp7PaNgaCTN-nWxWWWF-05HYXhpEkqHB_RO_-kMUh90v6mFpdrcRjtp5WhgC6xvem-rdbovyxiRp4ouH9jW6zn_tjvVS_gXnZKWyGBZRq4G24Qob3OSmH3IbKdsgZ-a4PjnpeNvx_j2uDcSOnRvVOrJesGvBzt_nfCQOatMXbv-RFAGlhnQ7wgVV-3AuJt-0dgRv4uzeMk9fPmE-ewS9txCgjcmLCdke54UL75yQqgTAombMZk62e_2VomdZj0tPYZQzVmiaTviQy0TplVTIxUmVSUfKHgNGtzTGhHh5Fc0xrwWMGH9JQsWhMVlboEKgnobZ-F6cVIqKtkNhcX3UeeVo3X5yY2BMXARj5dfo3tdNM7o7cCnBOq-nAecYRvvqBZXh0NipieX3EdpTg-Ogcf884hGy0d_jBzD-O-M6srsYt3diEUxsGOvmdiUBjntjBrUnTjThgpOghEOjJ0PrASqAbFavi2tTdTa17XTqYe4GiNVns4RrAlnuLIyCo_xzsR_PV1MBbSWO1pDPBx6n9p1TTZ9-Jd69d7fohL1JJ1yC-cHUF4ncJ4rFaADu_tpj0h-oN04iDoE5ih9ETAdixw6u36FghK-xh7MRJ5PgsCI_ZNcoRkfaBiwKW0v6q6dvKkfvVH0sdQ3dEhG1OUd3Zc1nWqf3f8pg6UfuL-Ho0Pz0W0Q8VJQbpP-R9EjhPYgQpiZPFy8Ey06tBR1BqeR5KEDnxsuDAOyP_9M3g1dFUwFokZ0ap8VbT8VD1nf9NwwXmb2UYEdLVYmvveWgjqPk2O1JOELqbbUF5YIXsSczEoA_srCtpHN5eHV3feAtZ5PiUfVhT_Gd9uZynK4ZGVWisIM7D3qj44xpQQhWWCummcLrpPz0c2Mo9sXqE1C_YyxuwNJtYH4fw4TmCyVoqgWmB6R24Yz2f0FsFUM4J-zOCeOY0udp5IMRZYsCfPOGVK4b-6uZZJqw2jG2Q3w4B5RGHU-gr34dLv_csgv96-_PnXEF3fylZEUHsM5jzhEZRtnY40amQAyIbCsYlknF0dkOalRiP_quhW21iL1VnLpJr7sEADDlaVblRxzuul-6E7PUzXlur9vlTs_A8hDWhT2Pw7R0RmpJrpDxAWBWc4HdH09CLamJRE7-P3oaMVHU3uUO-EnOC1UD9WZNcqh2kgGEcZecZ_cD3A-c-pPqi3wOCx7mwlPtIxg6euu0_6qqkMyXOuMGadvqpozBh0y6yaNVuEZZukgrJCCaNStPS7MwS-KcSBx15SQDUiSIYpSV-SPoEmwY75_CzwwWm9U-IfGbkrIL1PFpEfu3iRO6D-Hkiv7fUjv9rF1saKLLQgCLpsBDPop-MtLhFGoCU4F56W7cHxm2j6BPx0S0uE4rOMtcHxtZq-bcwXoSn_5l7MTxeOLu_GeOesLI5wobRQTtc4eyrqLO6Xr19meZVOavyIHY-V_Pz2ZNKKF16ACovPt5FBLmrIWV-Kb3RNK89jgBOPmWBI0dsWz1ixo0VC9bTXvBUZ1Xw0KEvYdZNkBDu7tihMHNuns8V_6u25bQp-S8FxvLfOlS_vY6D588uQ2HCl6X_l0fTe8oFo_r3p8hBX3Wj18G8_chQ7MWneKKZu_-xB6yYU-diuuTyolyefJvPsYCrdBhotxuklvzumoVakDN7XoZQNxizEhuno8ejDpvihgp_U6xFZ3Zsgkhc1irdzTjW9xeaPubXDk0eoJic7tW-mOr3jVmmzrSU6yWmv17YmrN_1ZrnY_3dnc_i3-3zCESoBKlWoBCAMpYBCEnQ0ZB-ZsjRTQrKOIxHGQtcurmNbeZ-sotX9yyHnv_foAYZ1pvqLgiq9Th9pdPszSP798Hr4HNqgzQPrlnDO-NhcwYtVZd_eJcrvUgWyNilPFfjwoIl0TU_KC4-5mvkCm-UXhkkAhituyF3u4FHpe7zgdUn3fDanwRXU3u2bU_t54eA4DaAwOXFLT7yRtQi8rA&cid=CAASEuRowEs8SjhTWobmVmAIEc6bUA&rfl=1%2Chttps%253A%252F%252Fwww.pointtown.com%252F%240

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28a0e5132a5e6829077ed8e4b6d37c9c1687e753745818acd146f30adcd12cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29700
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 29FC 42 B
515 B 86ms
47ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AxTsKi7jFIuDixaXn9RFshQKtbgoQD-I-x3-SI_W5v_MAQwPeL3riIy7tAOeABdhcYAPjX49RpC-BuNoxBX-MPJf43HC_b2Ns3qu6KgFYGhcFvvvg

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 29FC 3 KB
1 KB 60ms
22ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/window_focus_fy2019.js

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 16:49:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1201
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1344
x-xss-protection: 0
server: cafe
etag: 10107448882299530629
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 16:49:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 29FC 123 KB
37 KB 54ms
32ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37898
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1633547226118934"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 09 Oct 2021 17:09:41 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/ Frame 29FC 14 KB
6 KB 53ms
15ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211006/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:01:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6219
x-xss-protection: 0
server: cafe
etag: 4041254270185007295
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 17:01:22 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6DFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&C=1

43 B
894 B

19ms
18ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNXbD_1scefYoqjRpxalhEfsaZThXY5DO59qALbN4xXtTRx74X7cS8iherM2Jo860rfrnH-j4h_aj4Lp0i3Vlo4aLpIsu-mJBoy_Dhi-aMGHjUm5Qvaxjka6C5lkuqpLfmu6EcM1za3BHYqo20NWURodF-kvoTVWhjGP4j80a7yEnh_RX-8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 09 Oct 2021 17:09:41 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 09 Oct 2021 17:09:41 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 6DFC
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWHM1amat.iaK.BkGhoW1wAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&google_hm=2

43 B
894 B

16ms
16ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNXbD_1scefYoqjRpxalhEfsaZThXY5DO59qALbN4xXtTRx74X7cS8iherM2Jo860rfrnH-j4h_aj4Lp0i3Vlo4aLpIsu-mJBoy_Dhi-aMGHjUm5Qvaxjka6C5lkuqpLfmu6EcM1za3BHYqo20NWURodF-kvoTVWhjGP4j80a7yEnh_RX-8
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 09 Oct 2021 17:09:41 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 6DFC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN0lJgVoRNSEuMmOmysEc94&google_cver=1

43 B
1006 B

12ms
11ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN0lJgVoRNSEuMmOmysEc94&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CLOokgEQ4p3QAhj1nOe1ATAB&v=APEucNXbD_1scefYoqjRpxalhEfsaZThXY5DO59qALbN4xXtTRx74X7cS8iherM2Jo860rfrnH-j4h_aj4Lp0i3Vlo4aLpIsu-mJBoy_Dhi-aMGHjUm5Qvaxjka6C5lkuqpLfmu6EcM1za3BHYqo20NWURodF-kvoTVWhjGP4j80a7yEnh_RX-8

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: fe1a2921-2051-4983-a851-d862bd031fff
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN0lJgVoRNSEuMmOmysEc94&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6DFC
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIxOTY2MjE3ODY0MDQzNjM5MQ%3D%3D

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIxOTY2MjE3ODY0MDQzNjM5MQ%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: b7fba318-09bc-40b9-b305-79aa10d8acde
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MjIxOTY2MjE3ODY0MDQzNjM5MQ%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AD19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1

43 B
1014 B

17ms
15ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiJ6byiATAB&v=APEucNXjph48G8D9V6HteuujWPG1-6yFWvqKnI7irMkT4izfRLdBCnUoVSEUHPbrt4PPEPFeicNU1T6sWfQfUUiWnGtpGh1QsaHPRxfUFWoN4WizxR2pDv__o1IIwkpqnC_clGefEsc6MGpwGCu1w-NTorKIMFwJSCbbd9uFa-4YPwJSqamkW_w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 09 Oct 2021 17:09:41 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame AD19
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YWHM1XNVwaPaB.s95uNI9gAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&google_hm=2

43 B
894 B

13ms
12ms

Image
image/gif

23.218.208.246
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&google_hm=2
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiJ6byiATAB&v=APEucNXjph48G8D9V6HteuujWPG1-6yFWvqKnI7irMkT4izfRLdBCnUoVSEUHPbrt4PPEPFeicNU1T6sWfQfUUiWnGtpGh1QsaHPRxfUFWoN4WizxR2pDv__o1IIwkpqnC_clGefEsc6MGpwGCu1w-NTorKIMFwJSCbbd9uFa-4YPwJSqamkW_w
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-246.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 09 Oct 2021 17:09:41 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJc_tnGps7GkTuLaGkwJ_fA&google_cver=1&google_hm=2
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame AD19
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEN0lJgVoRNSEuMmOmysEc94&google_cver=1

43 B
1006 B

15ms
8ms

Image
image/gif

37.252.172.249
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEN0lJgVoRNSEuMmOmysEc94&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CPvjgQEQlL6EARiJ6byiATAB&v=APEucNXjph48G8D9V6HteuujWPG1-6yFWvqKnI7irMkT4izfRLdBCnUoVSEUHPbrt4PPEPFeicNU1T6sWfQfUUiWnGtpGh1QsaHPRxfUFWoN4WizxR2pDv__o1IIwkpqnC_clGefEsc6MGpwGCu1w-NTorKIMFwJSCbbd9uFa-4YPwJSqamkW_w

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.249 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

534.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: e666a1ca-1160-4c51-80ea-2d44cb79435b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEN0lJgVoRNSEuMmOmysEc94&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame AD19
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM2Mzc3MjgzMTQzMzMwNzI2OA%3D%3D

170 B
188 B

23ms
23ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM2Mzc3MjgzMTQzMzMwNzI2OA%3D%3D

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
X-Proxy-Origin: 185.232.23.181; 185.232.23.181; 534.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 351ef49f-0eb9-45e1-afd9-b802e68fde60
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MzM2Mzc3MjgzMTQzMzMwNzI2OA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 29FC 169 KB
59 KB 50ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
Origin: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 13519
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 59842
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:24:22 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/ Frame 29FC 8 KB
3 KB 320ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-C1yUjqnODL6HM_q32NL6cR11Kbem2FchYZfNtNaCwXdoeFFVP1ia4fspnTCQokQXsc4bhgZc63yLgPgeEPxG3eg2AaO9yckYsH_uwQF_G_IJMuX_kqt2fg_dQ8_ZWHefaybwfxB4uUuRUnLYzRn_qE6TVuow&dbm_d=AKAmf-AAntjGNu5o3rs_n_1n_4XtELHBK-yqO-JV-bGRmPWe9AwG9vwAxYpA78n38xia5y87Rk0E6B9fiQB2DPWXxz_pWx2kK2bYM8SfFnZ3dCIPuHBTZcaYcyoggZxzdm2EONGhyj0RvopEiIYHTo-mV-7MdaQJjU6vEQeZDvKZVd1wS2akFHpTzOlysf103pRai3EBn5yPLoqHb_HdySuXZLUAHA4HvJt6GC54EpoFprTlRsrcIA9Lwgbpe4OhuRHEXqlQFLj9c9roSfMqUCNJ54YaiZFo8uYGr0hi40bqyBI_B5IDtmxNhH0AgH6IFPFjl1sBDIwcvDLg_5IOjOBeBX-c7cDJDZR5OPe049Lj2QAHILvLAVxqvjI7CupLBJ86LnqhEY3fzBnR3uEwUGicaRTWaicwsSfnBUKvt7Q4ICIWQyx5aMGm6wm9Xpyh4JnM_4tpPWFjfauZXojpac6G5s_KYKE9UpWNqCX580dYs3Ts18X9xI2E8TJD1Jw0c2N-Fggq6g6gvonzEbQau644pnQC0kN9hdF9xrQ3Eb40gdyhqezs0IceRuqu5u3OG6LVPzcHnStQGzMXhND9fblJH1mfWZkV09aYvBpmN3gvF4sfbnZYbA8JVxp-MWAw2-QSrcarRFGl41r1fO3gfFfN-mk-m0cy0k-T89TA5eEFfZ8VlmKMrUyoLqtHOOfdKYqfSPmuWobWTVKcqF_0yasD316lh59yYIO7P4isoESVsm5y3sQqjQa8MSdNBH7b6QadD8k27Ip-vUJtMGGe3uGMKl80aFMAfWrDLNcpFEOXGFzFK_9QYhBVCWwhU8GBGHafqtWkN8zqs4xwKyc7GDcmvzIr66jaWms-ay01JTKMMHDY6vyIfIHOGzDdqgvFA-6UJcmlHO_1xR87Q0iXIjroex_F33Y6lokXS_vgTuNn2iEW80ci7G6mwC_Yky3aiBNDwzMx6oNkGTmGW6xflvqNYhV7O5D5j97z4xOAv9voBPTHG5kM41FJiNElMsxw1EdgHuLdoyLZVVcxQEtLSVYFXe9o7-3JUPWO0K3-zg7XNgOduqSJOD_xyOcVQLOEKBxgDQ02_US1lduUbqbbFe1XjriqFtYimxB-goSMMhvp7PaNgaCTN-nWxWWWF-05HYXhpEkqHB_RO_-kMUh90v6mFpdrcRjtp5WhgC6xvem-rdbovyxiRp4ouH9jW6zn_tjvVS_gXnZKWyGBZRq4G24Qob3OSmH3IbKdsgZ-a4PjnpeNvx_j2uDcSOnRvVOrJesGvBzt_nfCQOatMXbv-RFAGlhnQ7wgVV-3AuJt-0dgRv4uzeMk9fPmE-ewS9txCgjcmLCdke54UL75yQqgTAombMZk62e_2VomdZj0tPYZQzVmiaTviQy0TplVTIxUmVSUfKHgNGtzTGhHh5Fc0xrwWMGH9JQsWhMVlboEKgnobZ-F6cVIqKtkNhcX3UeeVo3X5yY2BMXARj5dfo3tdNM7o7cCnBOq-nAecYRvvqBZXh0NipieX3EdpTg-Ogcf884hGy0d_jBzD-O-M6srsYt3diEUxsGOvmdiUBjntjBrUnTjThgpOghEOjJ0PrASqAbFavi2tTdTa17XTqYe4GiNVns4RrAlnuLIyCo_xzsR_PV1MBbSWO1pDPBx6n9p1TTZ9-Jd69d7fohL1JJ1yC-cHUF4ncJ4rFaADu_tpj0h-oN04iDoE5ih9ETAdixw6u36FghK-xh7MRJ5PgsCI_ZNcoRkfaBiwKW0v6q6dvKkfvVH0sdQ3dEhG1OUd3Zc1nWqf3f8pg6UfuL-Ho0Pz0W0Q8VJQbpP-R9EjhPYgQpiZPFy8Ey06tBR1BqeR5KEDnxsuDAOyP_9M3g1dFUwFokZ0ap8VbT8VD1nf9NwwXmb2UYEdLVYmvveWgjqPk2O1JOELqbbUF5YIXsSczEoA_srCtpHN5eHV3feAtZ5PiUfVhT_Gd9uZynK4ZGVWisIM7D3qj44xpQQhWWCummcLrpPz0c2Mo9sXqE1C_YyxuwNJtYH4fw4TmCyVoqgWmB6R24Yz2f0FsFUM4J-zOCeOY0udp5IMRZYsCfPOGVK4b-6uZZJqw2jG2Q3w4B5RGHU-gr34dLv_csgv96-_PnXEF3fylZEUHsM5jzhEZRtnY40amQAyIbCsYlknF0dkOalRiP_quhW21iL1VnLpJr7sEADDlaVblRxzuul-6E7PUzXlur9vlTs_A8hDWhT2Pw7R0RmpJrpDxAWBWc4HdH09CLamJRE7-P3oaMVHU3uUO-EnOC1UD9WZNcqh2kgGEcZecZ_cD3A-c-pPqi3wOCx7mwlPtIxg6euu0_6qqkMyXOuMGadvqpozBh0y6yaNVuEZZukgrJCCaNStPS7MwS-KcSBx15SQDUiSIYpSV-SPoEmwY75_CzwwWm9U-IfGbkrIL1PFpEfu3iRO6D-Hkiv7fUjv9rF1saKLLQgCLpsBDPop-MtLhFGoCU4F56W7cHxm2j6BPx0S0uE4rOMtcHxtZq-bcwXoSn_5l7MTxeOLu_GeOesLI5wobRQTtc4eyrqLO6Xr19meZVOavyIHY-V_Pz2ZNKKF16ACovPt5FBLmrIWV-Kb3RNK89jgBOPmWBI0dsWz1ixo0VC9bTXvBUZ1Xw0KEvYdZNkBDu7tihMHNuns8V_6u25bQp-S8FxvLfOlS_vY6D588uQ2HCl6X_l0fTe8oFo_r3p8hBX3Wj18G8_chQ7MWneKKZu_-xB6yYU-diuuTyolyefJvPsYCrdBhotxuklvzumoVakDN7XoZQNxizEhuno8ejDpvihgp_U6xFZ3Zsgkhc1irdzTjW9xeaPubXDk0eoJic7tW-mOr3jVmmzrSU6yWmv17YmrN_1ZrnY_3dnc_i3-3zCESoBKlWoBCAMpYBCEnQ0ZB-ZsjRTQrKOIxHGQtcurmNbeZ-sotX9yyHnv_foAYZ1pvqLgiq9Th9pdPszSP798Hr4HNqgzQPrlnDO-NhcwYtVZd_eJcrvUgWyNilPFfjwoIl0TU_KC4-5mvkCm-UXhkkAhituyF3u4FHpe7zgdUn3fDanwRXU3u2bU_t54eA4DaAwOXFLT7yRtQi8rA&cid=CAASEuRowEs8SjhTWobmVmAIEc6bUA&rfl=1%2Chttps%253A%252F%252Fwww.pointtown.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 17:02:32 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 29FC 23 KB
9 KB 314ms
16ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9203
x-xss-protection: 0
server: cafe
etag: 15223966529599630443
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 17:00:28 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_273.js Show response
s0.2mdn.net/879366/ Frame 6C47 114 KB
39 KB 47ms
24ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
Origin: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 11:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 19645
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40185
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 11:42:16 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/ Frame 6C47 8 KB
3 KB 305ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-CmTJxp4UhgrEGfr6kanobJ75IJujYF5WvaOMc4aCkZOvM8flV4xucg0dG4dNUd4hV8CLje8bGYSg3ec9dTqeB0jLwVkemqlG48ZUer0b65rGyYfs49nDiEIsBnD3jM2vu5hSCtgCiBWLjaDvWGqPN38A1Rzg&dbm_d=AKAmf-C06iEbZf5u22H9NjE0afa73fCr3uHjQ7jTcgZ7HGqFps5Ie2G54eapetGI_1CG8Y6ykeqKfVIIxjnKKZIAItM0DiEwi0w0dwgTUNZpb-5eTPtRT9qOEpPDy0WEFAd2edPO-XF__Myr0CsL9SSAe-MlDcymtk0Ynk6GIIGm_7KHsfaJqXkw1qGszyRIchC0Lhjz_GBg8OgWAvhicQWCpHml2oEfTh2njApyyh7-gPE4Hz976whxA4_vyI4FQc9s-uYk2d0eE2kfJ5TTrJ55KqiymlWpOqE-4cAZ31R1KD6gzdfN7d5B42lLNtuAyVXadTKpW0MrwuWe4yoPao9NNjXqKwX4DriSMWqqx4IohRbQ4FZZqdApE5yHaFnXlaH2PAsgFZyxbOcwGprjuT38CCgVSwrDLbknYrhFiTfPRt-AOw8cLCAT8au6_WLYr4y3rmq0co0JlIBP38IuMxlT1fH0ZYoN_EG4MpfvOhp-rrVv-g87QVTEhSjQQBeQW3mUbn839EFGMXUm9bYs5F2_ZKeO7Tzocf_CCApJeN-Er8igXd7Ncv-LwqFlUR8Xx7m86rY_NvC5rNCfh73WLtL62m4_Z5iMN1hnKoyIvMfXDlVUv096i_uIsAjBOglp-srM4nNI6Tv-B0tsZcEWmaXTpKCCSfS8PovNbQaEhCrpB8yqC1aHc0Rug2ec_Ty4J4xpkb4dO728UIgr5w4uSt6ZpFudIO-BMAUOMIdPNi7Ru23gBYaTJ5e0w_ILqzAeuZO1XDixoolgFw_8cLGHeikaeLPO8Dmzf2q1RRYdXCmBIthl92L3zmqAGF6MGAXDAoqbjUepyQKQ77sBWNJ5wqjShKvaUcSkeQVtoKt4OpTyyeEALE_5Mb1oso2VEv1bCiDrEw5J5DRK9cclJn0jEYPo5JAptnrDrIjIyHpcjXs465ki_1Hxzm3A7UQDXu4TTQ1Mm63DU_8g9rj45ErlrDkn3D4j18-8A4qa5kITuenUcSWSTbMvdM5IggT9Eg6-xY_dOwyCPCG8RB8UwLYALbSzbMvlMIXCNe4wYzm1fRuiUNrFQSY6SN9hFUhb0uhbayo1a8xONaJ6KVKBh4t5IIRnwKLLeqhIz96y3qj9CydMgLsHDSXNW2VeMlpJmQvttxQQVX7-jRwEdJOezeiSbd_Za4GfmCZtYPc6SxSGuBoJKWnwGJeB2Yc9IlFVpv_9J1Edmgdgu8Pmdo6DZ8xTJD1XN-13qUTPswJDFHay5Y0ID2P7kH6KNwaY72VsbqyOBdayFfQ7HlnYUOzXTjYjtdF9l4cG02RUFGY0nMvSOppki6MRWrOylhWNh6qKmpWSHiccInEob-_Y1v2t4KKMv0i4l7UvsMRxICqcBZ-cjVwdsJU6R8u47gkq4tjhmHv9mMOcgANRZIvUVHb8EG3zzo_3bXBof4wnNDi9zC__PN4xgx4ThLl7FAANRT70a0XuBNVXAsheAkjbWN5FaxuJJxS0nlEgxLH8bwA9BQbzkr-U9eUe0U-CZg26UjnWN8dNCHd99Bw8cc7PBFdbN3BAOjNyoq5zGpS9X-FjpkvsWJ6z26Q2TMXFInxY7Z1E3IVnSYg6-JjwhPQyFHsUAoPHbHblJCazPyljyQumGmWZPqK5YhrLmdxBH8lnwS-9txYlKvbehXnS1jelE49U9ApiosTAFq-nzY-GFXrvY15TjbGfb-TR3mhiSnHszbJNfSS4acJyejwR00MbpO4hbwCXg2bLoaLdYwFphq7rWtrAi57HDls-h7ge1-Dbv0InYM9UJXC_uWcB7b221oLdruscEqAHafmFeOajZl64ZsmzLMm74JWR7mU2ABcLpv9D6YNAVJW0Bkua76liv2Uko3KF7DZx67ZWZ0gJi0nJ05zdyHUdHScMdAYuIfWUR0zqeJVqiUCBSS8soz49chxt3r7omOl-5hDqcg-Kb673KonD7xql9M0jBVIQQ-Ueoz0RxpcEULHUW_7zhtabDTp8QZFobna86p1upoehu-dUFa4z4rDsrZtdII3mXxrcCwKPFRoncFoUpaTUwFPciJwkR5R22EgTm1j07dCJ5jWVngTBEBb4a_HZ5PokwnXTcpuyxi-stn2J671iBROnR_o_DIvG62iPQQwQWHbopjqsNKLpdn65U2nerdz1KcGi_HoWJFrnVjCEtqAJlgkIyS4X2eotH3w9VDQeAi7h9SW3Jiqatao16KnYlaJpqAml37sdxdLtdowZcJjEOGSkEe_8_ZgiAONbuYvyZJK5I3DB8iX5Kkg0-3Otq7IA0-37c6ZtUeck2tvufAUo5n6nXkipwNSieyAJKyc_OfDkDPz2OO8uVJaQ8H_2a6loHvyI3ybPpgOr6ZnquuflmJQ3FyDnyJ5o5cYTRmm7wWc1ATTrIRK67913ASUaqL1kkD_CG0g_vFluYzUXhSmcYL8XfPMXEw615JnI0R4Zvje6s2Xhy3xXPWd4_Ca2TQ9_VVApG-hT9AeP6UMGG2vBphNqzFnX0umKgnJuflN_imLBqoPKsEx6ivyBkqWnuBTyudI_yjXMTVL3Mo1UNicFC8D_5SuJpShjS-ocjMWdQJxbqnnpuGYYBafeTwKGWKQO6IVz3lHuAWvGrOIrunpvIVGzPZELXMW8Gl-yFlx-2xLsXj-NgN2TIdv6fkFXb1X55SF_et4_8myUFRcbBpH6KOG-2G-pikizfsQhFk80AgkeD_p6AwdplLnEoQ0MNhiOwgQ6EAfuvMtKfkjFHxyJOxxpmafK5hy_0oHajkTLQ9rcZh6tSUlOokFWsGhbePTn1xfNgUHc3Mypw34KlVHOjJ_RTIc7-DpzWjMXp8jGGOF9uWH0y5D3A789dfFbwBM8HL5xj9aKWmpQ_n9pkHv30YxO2FNmdE8QJWdByQmhiAtbvxXsUah7qechUm6hi6zVWdiuokVe29-om49CM5vDNDPrSbPZ5PlpnIqZ7b3fsDgjNep_OoXsO4leHR2wjp5P0CFN-n6-tgUPYzRhBd4SIrKIg6KeFWV5nNGDNWvfCUNBZ2QJfw_pkA600Xo79INL0aVc1XwpxWQfr2lL7nHn34zLGIoxkeY9gg4uLu4MG9uB5MiyLKaLzMJPvbRL-QkM33M&cid=CAASEuRo5XYOvfgL1MVf-FlzfHeVFQ&rfl=1%2Chttps%253A%252F%252Fwww.pointtown.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:02:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3128
x-xss-protection: 0
server: cafe
etag: 3658073882064373855
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 17:02:32 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/ Frame 6C47 23 KB
9 KB 301ms
17ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211006/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:00:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 553
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9203
x-xss-protection: 0
server: cafe
etag: 15223966529599630443
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 23 Oct 2021 17:00:28 GMT

GET
H/1.1 200
OK mtrcs_220434.js Show response
s79.mxcdn.net/bb-mx/serve/ Frame 6C47 148 KB
57 KB 54ms
13ms Script
text/javascript 23.218.208.133
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.218.208.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-218-208-133.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: bcad36a72dbc1761ef55d73706876aef910405d11565b9598dc2fed877be339e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:41 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Oct 2021 13:38:06 GMT
Server: nginx
ETag: "\W00000580251633613886776"
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NON DSP CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI COM NAV STA"
Cache-Control: public, max-age=1800
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 58025
Expires: Sat, 09 Oct 2021 17:39:41 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/ Frame A9ED 6 KB
2 KB 351ms
14ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f89afa533ee24b3e3e335bc5c0660e1c89d95e0fa11beca8da9fc8862a221ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-length: 1913
date: Sat, 09 Oct 2021 13:00:12 GMT
expires: Sun, 10 Oct 2021 13:00:12 GMT
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 14970
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C47 0
592 B 73ms
50ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4NODpmmfbi-GSGTGOnwyDV6cjf-LjUUxZXlBeCP42L9Ou5FflSb7xFH--KpYmZClqbEOZVw0oYizCq8bKh5YGbMUWx9GCSbg_Kk2r6LpJSgwER_XR-_sBUxNG0MH1iYcftOF9KUc-s60OiHrxhZQxd0CsY1s_y1JUJwvXD_KtqBWok_Lo7DL8ku4S333cEDAeHSdzVovJYvvuZ0vmlcptdHWs98yG1JX1bsK1aruk1-L59Zl4tXyYJmIyBFIOT_K_Lv_MIy3v48XnwEHq1c6loNeUeLn1ZHkSQISGU8mWhpJ-mqml8eYZUDDIzKbbj5yJNb3cvGxkOwpWfVcgaZr4IgnsNjNqjEhGsn61Rpnk45BPlhQV8-N-J3bgspK8yFFfC-WBKlk86lfVUu6DD27g4dPQTmC-6Df9mMUKl0uXDzDEMiklPC3Ir5anqqbD7AfnLanF6VnC7vQb9CSNGuumsNpRGq3FTj-J4be30hWjbxxQO4mnS9GGMEdGyRB1jNVoUFF-u909tMb3zGcKZBt7MWyJcNAp7MxlTZAdvLfT2Upj7TWYz9Z7qoShdx3XXySlC2PdOVPidmOWHLuu6QKrFyuB-rqrz-iZy5IXoubpXrGTP9L7xefVuqMRV9hC297_QjNAG_K-vk0OSJL91pv-uoksr1G-kTp7YZl1w04N-gGTDwVt5FsS8b_6SF0K5S35sAU6GURa7tveGJ0liCN0SFIdaU1TDhwbzF6ICUnYj5Y27YBetAoqLIwbqaEeekLggkaIdy9c7oHZYlW3YhpNzroJAaBxxZTjek4--9ZoiZ4Qxehdr8vSbnNHzTTj07oel9ljEVN0vmwmXMdfRqE3UU1od4yHSehe-Cmxra65-EO58X3sUJC7EB1KZ4LPI1KCzR6rzDEwK_09VBol8H4oluBc8CxTLv_uAMjdBm5--JHRBVJebS1Gxsf4ZPzAVnlfMc9Rbj9-GOytgO6IfUWmGRA5py5tBy0TGfe5gbH0zaP18Jejx_IXDQUVgMA1m3ffeHykcHZd2P8bWKDS3pc4HYH_1jbvlmdBMi8IIeiW0Dtdph_hL3bxlJIjA1X2wziXAOYsXNt37rqQpO_McsHBtLJbAwxxRG9eTqDTRf-PX39R9PffPqW0HlmjPleymE3s_DMa0VUp0-LeUOujN3HLS7dxzIedrkmmFrplho798EBwXd3XhHYxjirya150kouq&sai=AMfl-YQ7mCs-jNs4vtobNs698eL-hAROmVpo34x4yjWu83-R_6_qjThNXB6vQ8ztQR6RwMiUDy1NTlfbO8mMflhI49xURA6OlBeclmDXyHVkAfZZ-GjlY4C7IpQ7H6D55JNSIaKCLNDuAaIxiEvABJl2PgaNrPud4g&sig=Cg0ArKJSzE2yOODaqliQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=70&cbvp=1&cstd=68&cisv=r20211006.34871&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 09 Oct 2021 17:09:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 list.do Show response
www.pointtown.com/ptu/api/favorite/ 154 B
229 B 305ms
305ms XHR
application/json 45.60.1.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pointtown.com/ptu/api/favorite/list.do?_=1633799378670

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

63f1cebd64cdea3b722ec40556c68e7aac14925468f6b21006ea23784f1eb06e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
tracestate: 3239464@nr=0-1-737267-16006093-439b6a8a01365ba8----1633799381731
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjczNzI2NyIsImFwIjoiMTYwMDYwOTMiLCJpZCI6IjQzOWI2YThhMDEzNjViYTgiLCJ0ciI6IjBjZDNmY2M1OWFmOGQzOTJlYzVlYzA2OTk1YzQxMDgwIiwidGkiOjE2MzM3OTkzODE3MzEsInRrIjoiMzIzOTQ2NCJ9fQ==
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: vu=dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0; cref=http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex; cunibr=OLiZJOHjf3J; JSESSIONID=3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04; visid_incap_1652102=LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5; nlbi_1652102=5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng; incap_ses_1309_1652102=FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==; _ga=GA1.2.1374866761.1633799379; _gid=GA1.2.223457300.1633799379; _qg_fts=1633799379; QGUserId=1124769015857542; _qg_pushrequest=true; _qg_cm=1; _fbp=fb.1.1633799380871.483041284; __gads=ID=92c4feea819e2163:T=1633799380:S=ALNI_MYm98wGiqRtCV-uvvqChYLo2nSeBw
:path: /ptu/api/favorite/list.do?_=1633799378670
pragma: no-cache
x-newrelic-id: UwUAU1BUGwIGVFFUBwQB
traceparent: 00-0cd3fcc59af8d392ec5ec06995c41080-439b6a8a01365ba8-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pointtown.com
referer: https://www.pointtown.com/ptu/exchange/index
:scheme: https
sec-fetch-site: same-origin
:method: GET
X-NewRelic-ID: UwUAU1BUGwIGVFFUBwQB
tracestate: 3239464@nr=0-1-737267-16006093-439b6a8a01365ba8----1633799381731
traceparent: 00-0cd3fcc59af8d392ec5ec06995c41080-439b6a8a01365ba8-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjczNzI2NyIsImFwIjoiMTYwMDYwOTMiLCJpZCI6IjQzOWI2YThhMDEzNjViYTgiLCJ0ciI6IjBjZDNmY2M1OWFmOGQzOTJlYzVlYzA2OTk1YzQxMDgwIiwidGkiOjE2MzM3OTkzODE3MzEsInRrIjoiMzIzOTQ2NCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pointtown.com/ptu/exchange/index
X-Requested-With: XMLHttpRequest

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
content-encoding: gzip
vary: User-Agent
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
x-iinfo: 14-89714473-89714474 NNYY CT(248 247 0) RT(1633799381221 0) q(0 0 0 -1) r(3 3) U12
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva

GET
H2 200 list.do Show response
www.pointtown.com/ptu/api/favorite/ 154 B
239 B 300ms
300ms XHR
application/json 45.60.1.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://www.pointtown.com/ptu/api/favorite/list.do?_=1633799378671

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

45.60.1.176 , United States, ASN19551 (INCAPSULA, US),

Reverse DNS

Software

Apache /

Resource Hash

63f1cebd64cdea3b722ec40556c68e7aac14925468f6b21006ea23784f1eb06e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
tracestate: 3239464@nr=0-1-737267-16006093-e1e8e63d8d3d01a3----1633799381732
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjczNzI2NyIsImFwIjoiMTYwMDYwOTMiLCJpZCI6ImUxZThlNjNkOGQzZDAxYTMiLCJ0ciI6ImNhMWExZmYwYjEwYWQzMTFkOTZiNzgwYjI4Y2I0MDYwIiwidGkiOjE2MzM3OTkzODE3MzIsInRrIjoiMzIzOTQ2NCJ9fQ==
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: vu=dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0; cref=http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex; cunibr=OLiZJOHjf3J; JSESSIONID=3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04; visid_incap_1652102=LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5; nlbi_1652102=5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng; incap_ses_1309_1652102=FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==; _ga=GA1.2.1374866761.1633799379; _gid=GA1.2.223457300.1633799379; _qg_fts=1633799379; QGUserId=1124769015857542; _qg_pushrequest=true; _qg_cm=1; _fbp=fb.1.1633799380871.483041284; __gads=ID=92c4feea819e2163:T=1633799380:S=ALNI_MYm98wGiqRtCV-uvvqChYLo2nSeBw
:path: /ptu/api/favorite/list.do?_=1633799378671
pragma: no-cache
x-newrelic-id: UwUAU1BUGwIGVFFUBwQB
traceparent: 00-ca1a1ff0b10ad311d96b780b28cb4060-e1e8e63d8d3d01a3-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pointtown.com
referer: https://www.pointtown.com/ptu/exchange/index
:scheme: https
sec-fetch-site: same-origin
:method: GET
X-NewRelic-ID: UwUAU1BUGwIGVFFUBwQB
tracestate: 3239464@nr=0-1-737267-16006093-e1e8e63d8d3d01a3----1633799381732
traceparent: 00-ca1a1ff0b10ad311d96b780b28cb4060-e1e8e63d8d3d01a3-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjczNzI2NyIsImFwIjoiMTYwMDYwOTMiLCJpZCI6ImUxZThlNjNkOGQzZDAxYTMiLCJ0ciI6ImNhMWExZmYwYjEwYWQzMTFkOTZiNzgwYjI4Y2I0MDYwIiwidGkiOjE2MzM3OTkzODE3MzIsInRrIjoiMzIzOTQ2NCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pointtown.com/ptu/exchange/index
X-Requested-With: XMLHttpRequest

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
content-encoding: gzip
vary: User-Agent
server: Apache
x-frame-options: SAMEORIGIN
content-type: application/json;charset=UTF-8
x-iinfo: 14-89714476-89714477 NNYY CT(238 238 0) RT(1633799381227 0) q(0 0 0 -1) r(3 3) U12
content-security-policy: upgrade-insecure-requests
x-cdn: Imperva

GET
H2 200 suggest Show response
www.pointtown.com/ptu/api/affiliate/ 19 KB
5 KB 10ms
9ms XHR
application/json 45.60.1.176
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pointtown.com/ptu/api/affiliate/suggest
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.176 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: 9984228f3680e18f4ba77c01b6bd0ea7568e0b27a92e913a3be7c4bee7f66e8e

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
tracestate: 3239464@nr=0-1-737267-16006093-16ebf3555ea759f2----1633799381752
accept-language: de-DE,de;q=0.9
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjczNzI2NyIsImFwIjoiMTYwMDYwOTMiLCJpZCI6IjE2ZWJmMzU1NWVhNzU5ZjIiLCJ0ciI6ImRmY2Y2YjAyY2E4MzYwYjk3MWUwNzNkYzlhNDc0ODMwIiwidGkiOjE2MzM3OTkzODE3NTIsInRrIjoiMzIzOTQ2NCJ9fQ==
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: vu=dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0; cref=http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex; cunibr=OLiZJOHjf3J; JSESSIONID=3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04; visid_incap_1652102=LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5; nlbi_1652102=5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng; incap_ses_1309_1652102=FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==; _ga=GA1.2.1374866761.1633799379; _gid=GA1.2.223457300.1633799379; _qg_fts=1633799379; QGUserId=1124769015857542; _qg_pushrequest=true; _qg_cm=1; _fbp=fb.1.1633799380871.483041284; __gads=ID=92c4feea819e2163:T=1633799380:S=ALNI_MYm98wGiqRtCV-uvvqChYLo2nSeBw
:path: /ptu/api/affiliate/suggest
pragma: no-cache
x-newrelic-id: UwUAU1BUGwIGVFFUBwQB
traceparent: 00-dfcf6b02ca8360b971e073dc9a474830-16ebf3555ea759f2-01
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: www.pointtown.com
referer: https://www.pointtown.com/ptu/exchange/index
:scheme: https
sec-fetch-site: same-origin
:method: GET
X-NewRelic-ID: UwUAU1BUGwIGVFFUBwQB
tracestate: 3239464@nr=0-1-737267-16006093-16ebf3555ea759f2----1633799381752
traceparent: 00-dfcf6b02ca8360b971e073dc9a474830-16ebf3555ea759f2-01
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
newrelic: eyJ2IjpbMCwxXSwiZCI6eyJ0eSI6IkJyb3dzZXIiLCJhYyI6IjczNzI2NyIsImFwIjoiMTYwMDYwOTMiLCJpZCI6IjE2ZWJmMzU1NWVhNzU5ZjIiLCJ0ciI6ImRmY2Y2YjAyY2E4MzYwYjk3MWUwNzNkYzlhNDc0ODMwIiwidGkiOjE2MzM3OTkzODE3NTIsInRrIjoiMzIzOTQ2NCJ9fQ==
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.pointtown.com/ptu/exchange/index
X-Requested-With: XMLHttpRequest

Response headers

date: Sat, 09 Oct 2021 17:09:41 GMT
content-encoding: gzip
x-cdn: Imperva
etag: "dbd217d5"
content-type: application/json;charset=UTF-8
x-iinfo: 14-89714480-0 0cNN RT(1633799381237 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=1800, public
content-length: 5300
expires: Sat, 09 Oct 2021 17:39:41 GMT

GET
H/1.1 200
OK style.css
cache.img.gmo.jp/gmo/header/css/ 23 KB
4 KB 10ms
10ms Stylesheet
text/css 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.img.gmo.jp/gmo/header/css/style.css?1617955924
Requested by: Host: cache.img.gmo.jp
URL: https://cache.img.gmo.jp/gmo/header/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: af9c8d9f3b6d51cce9865aa2a24781f603857582ceb9d1ceeafcf3ae5c79b8b4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 24 Mar 2021 02:48:10 GMT
Server: PWS/8.3.1.0.8
Age: 467512
ETag: "5c1e-5be3f54501d86"
X-Ws-Request-Id: 6161ccd5_PSdgflkfFRA2po7_31259-1291
Content-Type: text/css
Via: 1.1 PSrbJP1gk84:9 (W), 1.1 PSdgflkfFRA1hb199:0 (W), 1.1 PSdgflkfFRA2mu72:9 (W)
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Px: ht PSdgflkfFRA2mu72FRA
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 728x090.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/ Frame 9929 43 KB
10 KB 308ms
22ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_273.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

50bd86fc2714a7aade23d492f60cf427aad1e6cbfbaf7be521bdbdcb6c43015f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 10145
date: Sat, 09 Oct 2021 17:09:42 GMT
expires: Sun, 10 Oct 2021 17:09:42 GMT
cache-control: public, max-age=86400
last-modified: Wed, 23 Jun 2021 15:05:12 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 29FC 0
61 B 50ms
50ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst_cbM2vZ9q_hUhjpNZhILroEJ4hQOVTheQsgm2MYJtXFNPFEmIttES2ylYhLUunaHCPz6xfGbiHY5jLVfCAGo4CgmieQaEyxTV-kTult4bmGkQK_0LAgibPKJ4dCC3svEgkfQIlytj3MCRBHUXGJ6wEhG_JhtBbwnZfYZ2RSymuGWdE4P7BS0a4mjFl4E6hAUqPQdM8e6UipJM5apNW3MRPQiGODpimPMcIm2lPaSL5JvSxwJUEtG1n6HL-hpWPdNP_vc4r6iebWbKJq1YcHBEnquF4XG5blz3gAzMatNMquImRji_kyKlXvOUe6eOGifpb7Go0ZwXCZ-3KENfWex4x5nVfWg3X1i6fzX6zQQ06cfxLVdKOT2-t82XQP_BSXe3ToOs8Iwk-i3RPWi0hWfwJbCz7gk6B0_wF3voJEYlOl-gWiM5uRZp6qU2nTBoBVMGfJWUKqrmEX7uqgO51WTd0M3D-6SFFH-rEYc_4J4KrPqj6FXramJO1CGOf5Z75mdDCw486pWbjKNFPWAWNqPLyWyQYshXnr7IZoHy24telWTb21Hz5Yi80xlRI7WIg-qTwihESMi4l1HHqmob9TNtQwA_395KTRkMNn2_wXrZFjfoYAyNvfdf3TdL44psYMnIQTbXjDa7SqZCbboo9UGOLV1r1Z3N2B2iiSG2a7dpTHa2wMLs1nN-MyRVtiMtGF1wr9HdSMQVJAhEbyIgBT_4AffiI_lmynA5C-5B87uluHkoN1aDuA5OtYJ49XLJ1FlFgUceeikEkdoXZx5k8gLj1gBUHk0Zmm1qJ5S0RciG_97Kn37hS6bEC4i4QcikmnOnTgEgl7vfPD9k5A4lsDki4ndl2LC48ahinp4OrHRqnhYcIY9HYQW999tygoxo4XLgkoUtmQLSdiJ3hjC-231gFIWHxv18BXB0BZBf5sgjreppdl-8ByOP0LMKeX1rs0JI-dy5hKX5qkTHqHkLRS73zAk5qmGb4xnBWjIBQAV-1Hw-dYEWO3rwrBOmwG3AdwhW25T4HLMbpjNfU1IXHoiAbjcxbBmuEVR_ByQJB7kKASB3MoevCWDwnxjdosBggSaub2WcB3L1GkxsaLeVycCIjlH-7PTt5PCI0xny6_75coDHrmgxN9OXpIvPCJIVGgjoXL_D5Ds5Ef99pXX1nKXqIkuah1mDT6Y1C_fxkYxUTzkNyYogCTi0sJeF3lI2w4NNj0TVoXE&sai=AMfl-YQoxglzs4P5CWgFKd-9cvT9QII9-OJFGGA2nsvQ1QbQon3LialhMmK2iaBCjPfxXKQgMmJS4BWyWq8AjPWrNpRFEMbrLpgnt1tlOxvi0iM-v6f38GMKFTiaV64drwWER_R-Ua7gK3vm3Wl8oDgZTzUZuZMH8Q&sig=Cg0ArKJSzF-xLKoj9HqiEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=137&cbvp=1&cstd=132&cisv=r20211006.91908&adurl=

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 09 Oct 2021 17:09:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 _Incapsula_Resource
www.pointtown.com/ 1 B
35 B 20ms
19ms Image
text/plain 45.60.1.176
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pointtown.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9018875311139039
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.1.176 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /_Incapsula_Resource?SWKMTFSR=1&e=0.9018875311139039
pragma: no-cache
cookie: vu=dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0; cref=http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex; cunibr=OLiZJOHjf3J; JSESSIONID=3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04; visid_incap_1652102=LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5; nlbi_1652102=5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng; incap_ses_1309_1652102=FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==; _ga=GA1.2.1374866761.1633799379; _gid=GA1.2.223457300.1633799379; _qg_fts=1633799379; QGUserId=1124769015857542; _qg_pushrequest=true; _qg_cm=1; _fbp=fb.1.1633799380871.483041284; __gads=ID=92c4feea819e2163:T=1633799380:S=ALNI_MYm98wGiqRtCV-uvvqChYLo2nSeBw; ___utmvc=1Q85QqXsSe8pkcn0imQjKZlrOPzEuRaQNUeC6R/K3e7O38CXG0aRdpMnoqYwLgjWVJ/NoN96r94ThSljRzii4zvYxWFsMsWeMdLXRWneWVNY87c/LrdGMDGpI1hJ0mzaxtHcxRGN/xj0LmDFPfdUqkO3skdEhnatShfxSVu7o+4rKbRo936fNwCf3Mq2VW5lzZI6/7bXFuLDdFW6nU86Hpv44WleFCV2L3+UIrLQTQxZiYtbhLsBmwmbY90Pa61xk10A9yIpavJuRg9W/iXOSb0+CPR+QnQO7Qw2PMpMPUXaBUasjfblYLYvJp5dcNUI3nA9bsnlyTZhG6iKVOTk5tNzFEHBqqK52tJ41K9x9vNMbM8VkdZ5gWK1hnAsiMO5RrRPdK/nTei1MCyJ3UlaJ7RzTjMIif+17RYNfNNjEckxuoHzPacStGPh41sR2ThLwdUPcAjt934yn7EAEisHQwduK4kuI6umLIoqFmDkvRcOzrHMaXrJJeKUFpaqhnLYlCCS2t0ekBoCd3xb3qdu30Kn73kc+GwHdNlgKApq3qZYkweewiMehFDIWxRIvVAXHTGffMvDoNk0I7T+WNcslQKDq4LbHIOMWp5w/VXpGza+dWhUuN+T4NIZrVTkE5oC1xBj112OWxtaD621EKCnbxZ+rsjAOUNq7RRXtAaNAkrKHUVT671K+F61VpqSpQywKR16vghdgKMvbqLTCk4Db7/vmVbnTMdWdxtQnCXXlk99xfZDm9h91Mg1iyoN0xrlfnqJrXi5LelTz2+lLiOqCbGGwQc9wxV+7vhIlhyKZ+cQ6JbLMp55e1osUqp92vi9uH10p9JqqgO6G7nsGrditO/IWac8S+jrMgiLBNDtaNQz9KLFeS3mclgh3A2R79LsrwNru+YhbYpIDK/tqpgT9kMM8x/8W0tLlG3nchaJ7CZQvbHXWZVvIJxRssoUAYhpWF9jrfAF0VeWQmM/7v7K7Td5iU5MmPcwwgSAXfgxFbWCwpq72fTA34MOqnc2lzSoAOR1AsV83fCX9huphaOnsvnDMVt5g6nLe0PeiGhEybkmkVw5kWAB1X6bYRU0+mwqACfDW/e/yXjZHZVTgoWp1n+S7MLQb5GuntuzVZ7cWj/22kvMuvkBzsB9Qg0Tot9mhKu0fxbvbnodyPg3ZzUnoDMZhKrsTTdyFkcfVxKwUhlUtTnDr4oOYeCzktTLTvfcmYdlYVXr00i9oPsEpPpvCo7ueZ4N7CdnpdLXJgvnA+cpoFVuJJYYnC8G9PO6mjGqlj4nt4h7qU0cPRd7KBvFNtQ6d6Dq/qg2+7zNpz2ffK4rRVGBK5zYLEjmG9ys8yrC0QlgnXz81bqGJFeprcbRvhyJGTH5V5QMA6K6fKWbj7evDZqjjGlaVmHWd0z4DOJwev0qIwlbJ2DJb7wZaegWuOQI58SjOboka2HwM5v7ip9NpdALO+8uB5lY8ntLCW4/dEcnUHa7fBYBSsj+fZMlKidhd6Xl9PsOW3F5aWbhrg6ieZfVkRMKwf+IXK8i1geFt5OhlpmowB4syMq++uEBBXJW945tftaXUhfz6z82TAo+gvNBAepm8bpfaUqDpR4tgtM9M27OU01+HBxrWj7Bz4ktOrWEqZKNgdSkR7KU5IeRFMnxz3Go0us6pIGb8sFw0ztnafTLHat0/ct4JNKjzAZ6MI2wT/aUFopAIExWbkSV8kYgzyyrUbdIgzhObaeTCm+d7Oc355mqdO2e67TGsu9T5pp4zak6a7bC3m18njVsT+nGIEnCWJFPTm3Gv4+2mSDJgPSXOrc41NbfaoAglc6wjdGhj0xl9S0Igll/SS05ZXcnKeTPN/dH+/jF5/Ck0MRJiLimLc9j2izwefOau5PbjtMIF2a29Asz+nF7Fc4iGU+vZea7ajXi/0EylU9ymfL5tmxPz6jtQMJU0ARuCMszfb7cJrZaHBdsts2wzpjg0ppF3I9QT5YuyBgWFirHQWnpYL3dtYpXf8UTsQ7FBOb7WnbQ/5axYQ+qINjsbGd8d7ErstX/r06JBGVoXiBHXlTz41u52iPGhr14TYS/QkXVl5WPyzdS5JulcTvLEwhL3E75jAeTpnK0i4nnhP66qAPrqnB4xhSpKartLyPbHhPLzMZDHDJJfbJVJiRRApdAPHKZelwXSzuJP9W06vKtZN2VDnYhflVyrHAl/bPHmj5z7KjTMyzeSuBraWPQMHTzi5emm/5tI5S1KoX3yF/g0BiKMkVx1YTphqPGV/QAn6o01Svvjw3tvq7Goycqetb7fVpvUXqMCzNLdgY3FEDKME7e0BV7eVybw3SlbF75JmBmjqBfxxO01chZjMWzNkhHuggI1dKpZvmGMGoiJ8RtB+AhSo1qgd4j61aLUbGqFvnMori0X1zYE13u8hXM6P+fitVnRC5zjXVRCpV56V1wmZ3pf2dN1AzfJ1pnLLNudnCmkisX0g3Cc7KyZgq9GisLQiJGrdPRdX4uYmvh6PlaHU495AkG14Rh/v1bPn3WyfkDz4GW5TvCx0MtyGGaNQXsxzRJjvrkAeSj2rGHna5XKrxJRWUw+1c1Tnx6F8z4wkS5ycwjSA5DmsOJyWUGRAeJE9qUJVj0G2KhZJaUpVP8MnTVmDI12hlfgCy1hASP4xMU8cnzlSY1ei8s/fS8bWqCbqDT2Dd//xeA/1AdJpajucmoKH93EqgZLGRpZ2VzdD0xODQyOTQscz05NTdlN2Y2MTljOTg3ZTdiYWNhYjhlYTk3OTg4OGI4OTliNzlhYTgwOWM3MzZmODU2OTg4ODJhODkzNjg3NGFkNjdhMDdmYWQ4MDg5NzE2Zg==
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.pointtown.com
referer: https://www.pointtown.com/ptu/exchange/index
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/ptu/exchange/index
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H/1.1 200
OK stat Show response
stat.meetrics.net/ Frame 6C47 82 B
351 B 46ms
11ms Script
application/javascript 144.76.202.54
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://stat.meetrics.net/stat
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 144.76.202.54 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h526.meetrics.de
Software: nginx /
Resource Hash: 79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:41 GMT
Cache-Control: private, no-cache, must-revalidate
Last-Modified: Sat, 09 Oct 2021 17:09:01 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H/1.1 200
OK gettag Show response
s79.research.de.com/bb-mxad/ Frame 6C47 0
208 B 48ms
15ms Script
application/octet-stream 136.243.13.222
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s79.research.de.com/bb-mxad/gettag
Requested by: Host: s79.mxcdn.net
URL: https://s79.mxcdn.net/bb-mx/serve/mtrcs_220434.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.13.222 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h397.meetrics.de
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:41 GMT
Cache-control: private,must-revalidate
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Content-Type: application/octet-stream

GET
H/1.1 200
OK submit
b70.s79.research.de.com/bb-mx/ Frame 6C47 43 B
291 B 56ms
21ms Image
image/gif 136.243.12.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b70.s79.research.de.com/bb-mx/submit?/8dw6BfAAA/whFtBo0F0wFz6BvvAkwB2yA0jE2iEljF2yAj3B1zA3wAy4Ax0AxzAw4AhyBljFmxBuzEhmFlmFyhFtlFunEvvFnsFlzF5uFkpFjhF0pFvuFujEvtFvzEhmFlmFyhFtlFvxAtwAtzA4vAo0FtsFvjEvuF0hFpuFlyFuoE0tFsBF5pyFo0F0wFz6BvvA33F3uBwvFpuF00Fv3FuuBjvFtvB+k2FoywAyxAtxAwtAw3AtxAz6Az3AtyAywA0zA0tAyuAxyAyuA4tAz0Ax3A3lE5zAKp6Fsp3Fx2AzzA35A5zA4xAywA0BEjwtFuvFulFnqnFluFtVETsBluFL2wFBLl1FC/2xF3CylFx1FlzF0mF1sFszFjyFllFugBm1FssFzjFylFluFluFhiFslFkgBluFnpFulFfjFoyFvtFlfF5wAg3EpuFkvF3fF3lFirFp0Fz0FvyFhnFlpFumFvgB3pFukFv3Ff3FliFrpF0jFhuFjlFshFupFthF0pFvuFmyFhtFlgB3pFukFv3Ff3FliFrpF0yFlxF1lFz0FhuFptFh0FpvFumFyhFtlFgjEzzFf3FliFrpF0gBjwF1fF0gAyhFtfF4gAthF4fFluFnpFulFf5BwBELlnFB/k0FsBxgAwqFpkF9yAywA0zA0mAhkFj9B53A14Az2A2mAjwFpkF9yA22Aw4AwxAxmAzpF0lF91A51Ay3Az5AmwEshFjlF9zAx1Ax1AzzA12AmjEpkF9xA14AzzAw4A20AmzEp6Fl9B3yA44E5wAmjEi9Bx4A45A4yA4xAxwAUkzFpBFAAAAAAYLaBaBAPAAAAAAAAAOAAAAGCAAAAAYLaBaBABPXAAAAAAAABxaWAZEAAFAx8Ez8ExBEFA5xA4yA1BErEiuAPAAAFAAxaWTEiuASksFwEbAAAAAAAAAAAAEAAAxaWAAAAAAAIAy2A2wA4wAxxAJAzxA1xA1zAz1A2BEHA15A1yA3zA5BEGA3yA44E5wAJAx1A4zAzwA42A0BEHA53A14Az2A2BEdAAAAAAYLAaBAFAAAEiuAAAaBo0F0wFz6BvvAzwBuyAtkFuuBulF0vB53A14Az2A2vAx2AzyA31A20A25Ax1A2vA1tAJXFFtBChF5vFurBtMElhFklFyiFvhFykFt3Ay4A45BwtAChF5vFuvBpuFklF4uBo0FtsFCATCFAAAAAAAAAAAAAAGAJGFSBFNFFQtjFjRK4VA
Requested by: Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h309.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: nginx
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Content-Length: 43
Expires: Sat, 09 Oct 2021 17:09:40 GMT

GET
H/1.1 200
OK data
b70.s79.research.de.com/ Frame 6C47 43 B
308 B 55ms
20ms Image
image/gif 136.243.12.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b70.s79.research.de.com/data?/8dw6CgAAAl2yFuvFfhFwpFLktFDTkzFARksFAQtjFhfVNSA
Requested by: Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h309.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 09-Oct-21 17:09:40 GMT

GET
H/1.1 200
OK keep-distance-gmo.gif
cache.img.gmo.jp/gmo/header/img/ 329 KB
330 KB 15ms
15ms Image
image/gif 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.img.gmo.jp/gmo/header/img/keep-distance-gmo.gif?1617955924
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 3b710dda00baf5f393f5a35e34fd928a9f29cc5f019ba019d2ce2f186afed5a8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:41 GMT
Via: 1.1 PSrbJP1qr86:2 (W), 1.1 PSdgflkfFRA1hb199:13 (W), 1.1 PSdgflkfFRA2mu72:5 (W)
Last-Modified: Fri, 25 Dec 2020 09:36:06 GMT
Server: PWS/8.3.1.0.8
Age: 467512
ETag: "52532-5b746a752abc8"
X-Ws-Request-Id: 6161ccd5_PSdgflkfFRA2po7_31259-1296
Content-Type: image/gif
Cache-Control: max-age=31536000, public
X-Px: ht PSdgflkfFRA2mu72FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 337202

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 29FC 41 KB
15 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106044
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 08 Oct 2022 11:42:17 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 1A47 1 KB
868 B 14ms
13ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 09 Oct 2021 08:58:57 GMT
expires: Sun, 10 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 29444
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 29FC 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb3d301ff7eda349f8f654f937d41ffc42df59a2e8deeebb2c7ee81bc497505a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6C47 41 KB
15 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 11:42:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 106045
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 08 Oct 2022 11:42:17 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 26B2 1 KB
788 B 13ms
13ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pagead2.googlesyndication.com
:scheme: https
:path: /pagead/s/cookie_push_onload.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Sat, 09 Oct 2021 08:58:57 GMT
expires: Sun, 10 Oct 2021 08:58:57 GMT
content-type: text/html; charset=ISO-8859-1
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 29445
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 6C47 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 66f8892c2fe89cbc5b8cb510e223ca7fa8fbe9e88b0fa43bf492ee73df82e5e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 / Show response
aiqua-sdk.c.appier.net/aiqua/web/2446c4ba0c232e79a229/data/ 0
311 B 167ms
167ms XHR
application/json 52.76.182.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/2446c4ba0c232e79a229/data/
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.76.182.76 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-76-182-76.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.pointtown.com/
Accept-Language: de-DE,de;q=0.9
Package-Name: www.pointtown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
server: Jetty(9.3.9.v20160517)
access-control-allow-methods: POST, OPTIONS
content-type: application/json
access-control-allow-origin: https://www.pointtown.com
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
content-length: 0

OPTIONS
H2 200 /
aiqua-sdk.c.appier.net/aiqua/web/2446c4ba0c232e79a229/data/ Frame 0
0 164ms
164ms Preflight
application/json 54.251.50.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aiqua-sdk.c.appier.net/aiqua/web/2446c4ba0c232e79a229/data/
Protocol: H2
Server: 54.251.50.59 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-251-50-59.ap-southeast-1.compute.amazonaws.com
Software: Jetty(9.3.9.v20160517) /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,package-name
Origin: https://www.pointtown.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
content-type: application/json
content-length: 0
cache-control: max-age=604800
access-control-max-age: 604800
access-control-allow-credentials: true
access-control-allow-headers: Package-Name, Content-Type
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://www.pointtown.com
server: Jetty(9.3.9.v20160517)

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6C04 22 KB
8 KB 14ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 08 Oct 2021 11:42:17 GMT
expires: Sat, 08 Oct 2022 11:42:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 106045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame CEEA 22 KB
8 KB 13ms
13ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Fri, 08 Oct 2021 11:42:17 GMT
expires: Sat, 08 Oct 2022 11:42:17 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 106045
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A47
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMGF9c02k-yRo0El5qAwNAA&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEMGF9c02k-yRo0El5qAwNAA&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXV0TUJsZGUxTXpmUVc1&google_gid=CAESEMGF9c02k-yRo0El5qAwNAA&google_cver=1&google_push=AYg5qPJiHcDWFCdql9M5DNp5H_beO1powMDOWjrjxlkUUbX...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXV0TUJsZGUxTXpmUVc1&google_gid=CAESEMGF9c02k-yRo0El5qAwNAA&google_cver=1&google_push=AYg5qPJiHcDWFCdql9M5DNp5H_beO1powMDOWjrjxlkUUbXnW_31GGzGCWANXzFQ9LGH_QM8KEM-6RGY0HJMr-fxbTiwKG0a_uDY

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:41 GMT
Server: PingMatch/8a430fa#rel-ec2-master i-0fde9184b57476aa9@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security: max-age=2592000; includeSubDomains
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=OXV0TUJsZGUxTXpmUVc1&google_gid=CAESEMGF9c02k-yRo0El5qAwNAA&google_cver=1&google_push=AYg5qPJiHcDWFCdql9M5DNp5H_beO1powMDOWjrjxlkUUbXnW_31GGzGCWANXzFQ9LGH_QM8KEM-6RGY0HJMr-fxbTiwKG0a_uDY
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A47
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=4&google_gid=CAESEMfjv9-Si-YosU1cNfH-rXk&google_cver=1&google_push=AYg5qPJ79r5rzZfiXsd-SPlFTlNlPPMYTAnkS64uW5prPipzpK860UOJKnDJSj2nAF8KPA0toyVMqsJhV5I4LAEq...
https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ79r5rzZfiXsd-SPlFTlNlPPMYTAnkS64uW5prPipzpK860UOJKnDJSj2nAF8KPA0toyVMqsJhV5I4LAEq2gtTp2rGPNZL

170 B
188 B

21ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ79r5rzZfiXsd-SPlFTlNlPPMYTAnkS64uW5prPipzpK860UOJKnDJSj2nAF8KPA0toyVMqsJhV5I4LAEq2gtTp2rGPNZL

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Server: MT3 3984 0e3af3b master cdg-pixel-x4 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=mediamath&google_hm=&google_push=AYg5qPJ79r5rzZfiXsd-SPlFTlNlPPMYTAnkS64uW5prPipzpK860UOJKnDJSj2nAF8KPA0toyVMqsJhV5I4LAEq2gtTp2rGPNZL
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Sat, 09 Oct 2021 17:09:41 GMT

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame 1A47
Redirect Chain

https://p.rfihub.com/cm?in=1&pub=445&google_gid=CAESEEJ4GRKT2b3Hbai3hSysE9w&google_cver=1&google_push=AYg5qPKBW5NdvUs_jkGZMxXCBarcJMDYcI-66ogIhmUaOLkIThj1-NQBORG21ilOG1VkScvUbjucWypd5wbW422eCKUiJyh...
https://cm.g.doubleclick.net/pixel?google_nid=zeta_interactive&google_push=AYg5qPKBW5NdvUs_jkGZMxXCBarcJMDYcI-66ogIhmUaOLkIThj1-NQBORG21ilOG1VkScvUbjucWypd5wbW422eCKUiJyhnOXWF&google_hm=NTE0MjMzNjc...
https://a.rfihub.com/cm?pub=445&google_error=5

42 B
834 B

17ms
17ms

Image
image/gif

193.0.160.129
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&google_error=5
Requested by: Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.129 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://a.rfihub.com/cm?pub=445&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 247
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame 1A47
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESEBfFu2QqqjPyg63Cj1GKcAU&google_cver=1&google_push=AYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI&...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBfFu2QqqjPyg63Cj1GKcAU&google_cver=1&google_push=AYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjip...

43 B
411 B

173ms
173ms

Image
image/gif

2606:4700::6812:d05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBfFu2QqqjPyg63Cj1GKcAU&google_cver=1&google_push=AYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:d05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69b937db5c436919-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
content-type: image/gif; charset=utf-8
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 1084
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
cf-ray: 69b937da099c6919-FRA
p3p: CP="NOI DEVo TAIa OUR BUS"
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEBfFu2QqqjPyg63Cj1GKcAU&google_cver=1&google_push=AYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAYg5qPILO-gqDh4HnSwGWKRLgfXByyZh_UcsDsAsDKYJrvUEstSZQyPnFK7SRtb7OeaCBFwu_TsE1pIENrCcWNp-32p4VEUxjipI%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
cache-control: no-cache, private
content-type: text/html
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A47
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1&google_push=AYg5qPKO9qq7S2JJ3ER7gNBS0aH0z98NiU1IMZHK6zwW6Mt03TMWjSrHSVhbFf8B3Khmr5gjyEUJUM3hZ_ELYgRO4CzY...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1&google_push=AYg5qPKO9qq7S2JJ3ER7gNBS0aH0z98NiU1IMZHK6zwW6Mt03TMWjSrHSVhbFf8B3Khmr5gjyEUJUM3hZ_ELYg...
https://p.rfihub.com/cm?in=1&pub=20513&ssp=google
https://x.bidswitch.net/sync?dsp_id=119&user_id=5142336718451253080&expires=30&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKO9qq7S2JJ3ER7gNBS0aH0z98NiU1IMZHK6zwW6Mt03TMWjSrHSVhbFf8B3Khmr5gjyEUJUM3hZ_ELYgRO4CzYGFtXUKsJ&google_hm=rzM8P8oSQgWKBKJetRSzhQ==

170 B
188 B

18ms
17ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKO9qq7S2JJ3ER7gNBS0aH0z98NiU1IMZHK6zwW6Mt03TMWjSrHSVhbFf8B3Khmr5gjyEUJUM3hZ_ELYgRO4CzYGFtXUKsJ&google_hm=rzM8P8oSQgWKBKJetRSzhQ==

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: //cm.g.doubleclick.net/pixel?google_nid=bdsw&google_push=AYg5qPKO9qq7S2JJ3ER7gNBS0aH0z98NiU1IMZHK6zwW6Mt03TMWjSrHSVhbFf8B3Khmr5gjyEUJUM3hZ_ELYgRO4CzYGFtXUKsJ&google_hm=rzM8P8oSQgWKBKJetRSzhQ==
Date: Sat, 09 Oct 2021 17:09:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A47
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEG4bUiMMcNe1HatVfH3M2V4&google_cver=1&google_push=AYg5qPJf3aIzt_IoRbQ882iO_1C1e_AfhE6VHAZrQWwFVqTJLbgFlao5Lv22NeFfYv4MTKql_bR...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VLMVlWQ0stVS05R1JQ&google_push=AYg5qPJf3aIzt_IoRbQ882iO_1C1e_AfhE6VHAZrQWwFVqTJLbgFlao5Lv22NeFfYv4MTKql_bRMvNpoMgKxcf5jGIhsgUfLznDM

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VLMVlWQ0stVS05R1JQ&google_push=AYg5qPJf3aIzt_IoRbQ882iO_1C1e_AfhE6VHAZrQWwFVqTJLbgFlao5Lv22NeFfYv4MTKql_bRMvNpoMgKxcf5jGIhsgUfLznDM

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1VLMVlWQ0stVS05R1JQ&google_push=AYg5qPJf3aIzt_IoRbQ882iO_1C1e_AfhE6VHAZrQWwFVqTJLbgFlao5Lv22NeFfYv4MTKql_bRMvNpoMgKxcf5jGIhsgUfLznDM
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: a66cbf3142c6ef39e3614b84a34262cf
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 1A47
Redirect Chain

https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP6basfvPOkEhl9cwatJzvI&google_cver=1&google_push=AYg5qPJ4qBgh7lFA3Ns5xAo-AyzohC3pnK9sZLLsdu8U4CmxbOEa0se58Pg1lBXRfql2azo632...
https://ups.analytics.yahoo.com/ups/58281/sync?redir=true&google_gid=CAESEP6basfvPOkEhl9cwatJzvI&google_cver=1&google_push=AYg5qPJ4qBgh7lFA3Ns5xAo-AyzohC3pnK9sZLLsdu8U4CmxbOEa0se58Pg1lBXRfql2azo632...
https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BdGJ1dVZaRTJ1RjVsUnlmSkouUTBZN1VOcEUudXpMeH5B&google_push=AYg5qPJ4qBgh7lFA3Ns5xAo-AyzohC3pnK9sZLLsdu8U4CmxbOEa0se58...

170 B
188 B

25ms
24ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BdGJ1dVZaRTJ1RjVsUnlmSkouUTBZN1VOcEUudXpMeH5B&google_push=AYg5qPJ4qBgh7lFA3Ns5xAo-AyzohC3pnK9sZLLsdu8U4CmxbOEa0se58Pg1lBXRfql2azo632sftXT9BBRSU5iFpPpbc9ZpmDR9

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Server: ATS/7.1.2.138
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://cm.g.doubleclick.net/pixel?google_nid=oath__display__app_eb_&google_hm=eS1BdGJ1dVZaRTJ1RjVsUnlmSkouUTBZN1VOcEUudXpMeH5B&google_push=AYg5qPJ4qBgh7lFA3Ns5xAo-AyzohC3pnK9sZLLsdu8U4CmxbOEa0se58Pg1lBXRfql2azo632sftXT9BBRSU5iFpPpbc9ZpmDR9
Connection: keep-alive
Content-Length: 0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 1A47 0
12 B 15ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13ILkP24CdYiJ0e9Bsc9HHROsJdFY2tSmEZzk4IADNFeGqh4NPwcCRcPhiBUWj0uz37rpi-Okg

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 26B2
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEMWX_YAW-fhlpUveLnppHXs&google_cver=1&google_push=AYg5qPKyRgeTNuTLR4WPBj58zjirIPYJ9z1G3rGoJSI--0r3-tm2A12Go8QdzfPZK-ng7uTk5vkKvpXWofgNfft5X2HATLpA1A
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=Mzk2MzU4ODY5MzUxMzQ2Nzg5Ng==
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEMWX_YAW-fhlpUveLnppHXs&google_cver=1

43 B
407 B

98ms
15ms

Image
image/gif

2001:678:cb4:bbbb::11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEMWX_YAW-fhlpUveLnppHXs&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:678:cb4:bbbb::11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:41 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-type: image/gif
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?google_gid=CAESEMWX_YAW-fhlpUveLnppHXs&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame 26B2 35 B
463 B 44ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEM_x4ryagqFlI4my-5PVzkc&google_cver=1&google_push=AYg5qPLuMfZRE_s3Fs-Rpmk8OBjKtRZ5ScIuBL4Z08bf1C6WUiUza7iur-V5hjjQZ5NB0SNngFgIoHJjCUubR8KaGVKmXJyzjLo

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26B2
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=2&google_gid=CAESEOb13Gcqa8g1tjdl_4lwtO0&google_cver=1&google_push=AYg5qPLWKWxn8Te9SugQG--GlrTYNuq_UBJ27LydUpC8w5gA8W5XOOuwffVD3tNPGvFqYcWYWT_ZiOP5eBlErs...
https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzExNDkxMzkxNjk3NTI0Mw%3D%3D&google_push=AYg5qPLWKWxn8Te9SugQG--GlrTYNuq_UBJ27LydUpC8w5gA8W5XOOuwffVD3tNPGvFqYcWYWT_ZiOP5eBlErsk3Pa...

170 B
188 B

24ms
24ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzExNDkxMzkxNjk3NTI0Mw%3D%3D&google_push=AYg5qPLWKWxn8Te9SugQG--GlrTYNuq_UBJ27LydUpC8w5gA8W5XOOuwffVD3tNPGvFqYcWYWT_ZiOP5eBlErsk3Pan0jsjNcYI

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=agent&google_hm=NzAxNzExNDkxMzkxNjk3NTI0Mw%3D%3D&google_push=AYg5qPLWKWxn8Te9SugQG--GlrTYNuq_UBJ27LydUpC8w5gA8W5XOOuwffVD3tNPGvFqYcWYWT_ZiOP5eBlErsk3Pan0jsjNcYI
Date: Sat, 09 Oct 2021 17:09:42 GMT
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"

GET
H/1.1

200
OK

google_sync_status
x.bidswitch.net/ Frame 26B2
Redirect Chain

https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1&google_push=AYg5qPKJ2vS2eDv7iZ8-zrFmiwjfL0aqdL3n-bJk-OHI5-DU1Cs8e3VjxNXXxSz7ZeBXv8UWAr3WwNBvHdTcZHu8FNr8...
https://x.bidswitch.net/ul_cb/sync?ssp=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1&google_push=AYg5qPKJ2vS2eDv7iZ8-zrFmiwjfL0aqdL3n-bJk-OHI5-DU1Cs8e3VjxNXXxSz7ZeBXv8UWAr3WwNBvHdTcZH...
https://r.scoota.co/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://r.scoota.co/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=google
https://x.bidswitch.net/sync?dsp_id=29&expires=30&user_id=15ff2253-071d-4ec0-a10c-2ab5f965c170&ssp=google
https://cm.g.doubleclick.net/pixel?google_nid=bdsw&google_cm=1&google_hm=rzM8P8oSQgWKBKJetRSzhQ==
https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1

43 B
220 B

9ms
9ms

Image
image/gif

18.193.90.196
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.90.196 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-90-196.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://x.bidswitch.net/google_sync_status?ssp_name=google&google_gid=CAESEDJZjd7EMz6u-wCAsnbJVRY&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 403
Forbidden gg_pixel
sync.adaptv.advertising.com/ Frame 26B2 14 B
14 B 454ms
104ms Image
text/plain 3.230.12.180
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEC7p_L1BRtoPRKKl6ro-wgU&google_cver=1&google_push=AYg5qPJz_ntwe5f08wzpefw2m4TXDbxH5AcEaBH519gmfdRKIRhhxCda77mpexxys0Maf5sR_xFIbhWU0y5nZc3zlCMHiY0sJKQ
Requested by: Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.230.12.180 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-230-12-180.compute-1.amazonaws.com
Software: ribs2.0 /
Resource Hash: 0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Server: ribs2.0
Connection: keep-alive
Content-Length: 14
Content-Type: text/plain

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 26B2
Redirect Chain

https://eb2.3lift.com/ebda?sync=1&google_gid=CAESEOqBxFXJO-305Q77EPwHnaQ&google_cver=1&google_push=AYg5qPJdzJcOS5JNEUi9pE_KqIbf2C1pGHlNQSs1Np0rawpP4syZuySOA9-FwnzJoGMgtmLhYsubbS6ulD5D3CcPE1lF7yo4s_U
https://eb2.3lift.com/sync/google/supply?ld=1&gdpr=1&cmp_cs=&us_privacy=&sync=1&google_push=AYg5qPJdzJcOS5JNEUi9pE_KqIbf2C1pGHlNQSs1Np0rawpP4syZuySOA9-FwnzJoGMgtmLhYsubbS6ulD5D3CcPE1lF7yo4s_U&googl...
https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NzQzNzE1ODI0OTQ0Mzg0MTM%3D&google_push=AYg5qPJdzJcOS5JNEUi9pE_KqIbf2C1pGHlNQSs1Np0rawpP4syZuySOA9-Fwn...

170 B
188 B

25ms
25ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NzQzNzE1ODI0OTQ0Mzg0MTM%3D&google_push=AYg5qPJdzJcOS5JNEUi9pE_KqIbf2C1pGHlNQSs1Np0rawpP4syZuySOA9-FwnzJoGMgtmLhYsubbS6ulD5D3CcPE1lF7yo4s_U

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=tl&gdpr=1&gdpr_consent=&us_privacy=&google_hm=MTU5NzQzNzE1ODI0OTQ0Mzg0MTM%3D&google_push=AYg5qPJdzJcOS5JNEUi9pE_KqIbf2C1pGHlNQSs1Np0rawpP4syZuySOA9-FwnzJoGMgtmLhYsubbS6ulD5D3CcPE1lF7yo4s_U
date: Sat, 09 Oct 2021 17:09:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 dot.gif
s0.2mdn.net/ Frame 26B2 43 B
135 B 21ms
21ms Image
image/gif 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dot.gif?google_gid=CAESEAxufCUl4g-calJgAF9iYHY&google_cver=1&google_push=AYg5qPKvXuis2CgTHyVwCtxOPZHpHjoLpmwuMOCif7qhtOMGnc9iyqOJzHp9V5eivHGcy_hZx31bSemF4aAScvYd_4YTjVLmBNlM

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
x-content-type-options: nosniff
last-modified: Sun, 01 Feb 2009 08:00:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 17:09:42 GMT

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 26B2 0
12 B 15ms
15ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IJ7ZD7ZL3YSpwv4rWgfqhB_s8S3ueMFZps89WF1RNzYLUf758UsEgKrodxwAq-eyq2ewVKgw

Requested by

Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H/1.1 200
OK data
b70.s79.research.de.com/ Frame 6C47 43 B
308 B 12ms
12ms Image
image/gif 136.243.12.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b70.s79.research.de.com/data?/8dw6D4DAA4rvFo0F0wFz6BvvA33F3uBwvFpuF00Fv3FuuBjvFtBFLruFBLkqFFlqwFyyAw0Az0AL2vFBLl1FDLkqFK0kyByyAw0Az0A6zE0hF0jFi6BwyFl0FptFlBF2qoFx2AzzA35A5zA4xAywA0nEp4B4yAiqFokFrBFlqwFyyAw0Az0ALkmFBTkzFzQkAAAAAAAAYAAAACBAQAAAAAAAAAXAAAACBAP0BAAZAwSAcAAAARksFAQtjFJ8dWSA
Requested by: Host: d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
URL: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h309.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:42 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 09-Oct-21 17:09:41 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame A9ED 60 KB
24 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Oct 2021 17:09:42 GMT

GET
H2 200 script.js Show response
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/js/ Frame A9ED 2 KB
838 B 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/js/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

54980d0ce1ab462210a69cea7a8f61f66d7baf954c2fba0dc4030a6b6e7cb36f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 733
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:11 GMT

GET
H2 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 9929 110 KB
38 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 03:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 03:32:47 GMT

GET
H2 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 9929 60 KB
24 KB 28ms
28ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Oct 2021 17:09:42 GMT

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6C04 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 15:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 08 Oct 2022 15:56:39 GMT

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame CEEA 35 KB
13 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 15:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 08 Oct 2022 15:56:39 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 29FC 0
23 B 64ms
48ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 09 Oct 2021 17:09:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C47 0
23 B 48ms
48ms Ping
image/gif 142.250.184.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss4NODpmmfbi-GSGTGOnwyDV6cjf-LjUUxZXlBeCP42L9Ou5FflSb7xFH--KpYmZClqbEOZVw0oYizCq8bKh5YGbMUWx9GCSbg_Kk2r6LpJSgwER_XR-_sBUxNG0MH1iYcftOF9KUc-s60OiHrxhZQxd0CsY1s_y1JUJwvXD_KtqBWok_Lo7DL8ku4S333cEDAeHSdzVovJYvvuZ0vmlcptdHWs98yG1JX1bsK1aruk1-L59Zl4tXyYJmIyBFIOT_K_Lv_MIy3v48XnwEHq1c6loNeUeLn1ZHkSQISGU8mWhpJ-mqml8eYZUDDIzKbbj5yJNb3cvGxkOwpWfVcgaZr4IgnsNjNqjEhGsn61Rpnk45BPlhQV8-N-J3bgspK8yFFfC-WBKlk86lfVUu6DD27g4dPQTmC-6Df9mMUKl0uXDzDEMiklPC3Ir5anqqbD7AfnLanF6VnC7vQb9CSNGuumsNpRGq3FTj-J4be30hWjbxxQO4mnS9GGMEdGyRB1jNVoUFF-u909tMb3zGcKZBt7MWyJcNAp7MxlTZAdvLfT2Upj7TWYz9Z7qoShdx3XXySlC2PdOVPidmOWHLuu6QKrFyuB-rqrz-iZy5IXoubpXrGTP9L7xefVuqMRV9hC297_QjNAG_K-vk0OSJL91pv-uoksr1G-kTp7YZl1w04N-gGTDwVt5FsS8b_6SF0K5S35sAU6GURa7tveGJ0liCN0SFIdaU1TDhwbzF6ICUnYj5Y27YBetAoqLIwbqaEeekLggkaIdy9c7oHZYlW3YhpNzroJAaBxxZTjek4--9ZoiZ4Qxehdr8vSbnNHzTTj07oel9ljEVN0vmwmXMdfRqE3UU1od4yHSehe-Cmxra65-EO58X3sUJC7EB1KZ4LPI1KCzR6rzDEwK_09VBol8H4oluBc8CxTLv_uAMjdBm5--JHRBVJebS1Gxsf4ZPzAVnlfMc9Rbj9-GOytgO6IfUWmGRA5py5tBy0TGfe5gbH0zaP18Jejx_IXDQUVgMA1m3ffeHykcHZd2P8bWKDS3pc4HYH_1jbvlmdBMi8IIeiW0Dtdph_hL3bxlJIjA1X2wziXAOYsXNt37rqQpO_McsHBtLJbAwxxRG9eTqDTRf-PX39R9PffPqW0HlmjPleymE3s_DMa0VUp0-LeUOujN3HLS7dxzIedrkmmFrplho798EBwXd3XhHYxjirya150kouq&sai=AMfl-YQ7mCs-jNs4vtobNs698eL-hAROmVpo34x4yjWu83-R_6_qjThNXB6vQ8ztQR6RwMiUDy1NTlfbO8mMflhI49xURA6OlBeclmDXyHVkAfZZ-GjlY4C7IpQ7H6D55JNSIaKCLNDuAaIxiEvABJl2PgaNrPud4g&sig=Cg0ArKJSzE2yOODaqliQEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=557&vt=11&dtpt=487&dett=3&cstd=68&cisv=r20211006.34871&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.184.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 09 Oct 2021 17:09:42 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 nr-1210.min.js Show response
js-agent.newrelic.com/ 31 KB
12 KB 65ms
18ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/nr-1210.min.js
Requested by: Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id: tUmpG8VLFN_NnT6837P9feidPwIndCMZ
content-encoding: gzip
etag: "67f7ff413fcbb9300ab2dbf1bb53180c"
x-amz-request-id: BH2AP9PWXNTFG795
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 11781
x-amz-id-2: XjDhp09D6EYaheZaXJDhNLF1vtLJWfoOkX/7mjcz5KUCMguYKh6msxCRXvd1cshMBSfiJJt9EJ4=
x-served-by: cache-cdg20737-CDG
last-modified: Tue, 22 Jun 2021 22:47:07 GMT
server: AmazonS3
x-timer: S1633799382.267537,VS0,VE0
date: Sat, 09 Oct 2021 17:09:42 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 9071

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
9 KB 67ms
29ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021100401&st=env

Requested by

Host: www.pointtown.com
URL: https://www.pointtown.com/ptu/exchange/index

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e38a0edbb2ac3e6f0e89ad9b3e3f335108374948ae2af741a07df164985fbef1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Oct 2021 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8436
x-xss-protection: 0

GET
H/1.1 200
OK style.css
cache.img.gmo.jp/gmo/footer/css/ 3 KB
1 KB 10ms
9ms Stylesheet
text/css 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.img.gmo.jp/gmo/footer/css/style.css?20201211
Requested by: Host: cache.img.gmo.jp
URL: https://cache.img.gmo.jp/gmo/footer/script.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 45e8b9449153aea2920ff767445a139865144dbdd8fa42cda960070cc28cac5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Content-Encoding: gzip
Last-Modified: Tue, 11 Sep 2018 03:47:49 GMT
Server: PWS/8.3.1.0.8
Age: 1264063
ETag: "dbf-57590567065a7"
X-Ws-Request-Id: 6161ccd6_PSdgflkfFRA2po7_31259-1306
Content-Type: text/css
Via: 1.1 PSrbJP1iv81:2 (W), 1.1 kf230:11 (W), 1.1 PSdgflkfFRA2gb73:9 (W)
Cache-Control: max-age=31536000, public
Transfer-Encoding: chunked
X-Px: ht PSdgflkfFRA2gb73FRA
Connection: keep-alive
Accept-Ranges: bytes

GET
H2 200 txt1@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame A9ED 2 KB
2 KB 20ms
19ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt1@2x.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b02a3233f069f3f0ccfd31f2021073f91e74b438c7b69d201dd5c1719557f321

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:11 GMT
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1685
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:11 GMT

GET
H2 200 logo.svg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame A9ED 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:11 GMT

GET
H2 200 bg1@2x.jpg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame A9ED 24 KB
24 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/bg1@2x.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b2732f593e4de0876048948d71b5c75f140349eaed97c3d2b15a25fa74863058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:11 GMT
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24287
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:11 GMT

GET
H/1.1 200
OK gmologo.svg
cache.img.gmo.jp/gmo/footer/img/ 8 KB
9 KB 15ms
15ms Image
image/svg+xml 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.img.gmo.jp/gmo/footer/img/gmologo.svg?20201211
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: b15e42f0bb6955af7f4194d03413f1e7fbc2623f9a13c0452e4a38412086d500

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Via: 1.1 PSrbJP1gk84:8 (W), 1.1 PSdgflkfFRA1bc200:13 (W), 1.1 PSdgflkfFRA2po75:14 (W)
Last-Modified: Tue, 25 Jun 2019 04:29:49 GMT
Server: PWS/8.3.1.0.8
Age: 3155063
ETag: "21fb-58c1e611f0ed9"
X-Ws-Request-Id: 6161ccd6_PSdgflkfFRA2po7_31259-1311
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
X-Px: ht PSdgflkfFRA2po75FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 8699

GET
H/1.1 200
OK wearegmogroup.svg
cache.img.gmo.jp/gmo/footer/img/ 15 KB
15 KB 15ms
14ms Image
image/svg+xml 163.171.132.119
QUANTILNETWORKS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cache.img.gmo.jp/gmo/footer/img/wearegmogroup.svg?20201211
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 163.171.132.119 , Germany, ASN54994 (QUANTILNETWORKS, US),
Reverse DNS
Software: PWS/8.3.1.0.8 /
Resource Hash: 006298b3e558796bc647f15131e430d79ffffd61e01aca13c13d369cf172a1b5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Via: 1.1 PSrbJP1gk84:10 (W), 1.1 kf230:6 (W), 1.1 PSdgflkfFRA2mu72:6 (W)
Last-Modified: Tue, 25 Jun 2019 04:29:49 GMT
Server: PWS/8.3.1.0.8
Age: 3154677
ETag: "3acf-58c1e611f35ea"
X-Ws-Request-Id: 6161ccd6_PSdgflkfFRA2po7_28744-56425
Content-Type: image/svg+xml
Cache-Control: max-age=31536000, public
X-Px: ht PSdgflkfFRA2mu72FRA
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15055

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021100401.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 09 Oct 2021 17:09:42 GMT

GET
H2 200 CodeProLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 9929 52 KB
52 KB 16ms
14ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProLCW05-Regular.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:02:21 GMT
x-content-type-options: nosniff
age: 441
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52901
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:12:00 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Oct 2021 17:17:21 GMT

GET
H2 200 CodeProBoldLCW05-Regular.woff
s0.2mdn.net/creatives/assets/2560291/ Frame 9929 48 KB
48 KB 21ms
19ms Font
font/woff 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/creatives/assets/2560291/CodeProBoldLCW05-Regular.woff

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
Origin: https://s0.2mdn.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:00:19 GMT
x-content-type-options: nosniff
age: 563
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49198
x-xss-protection: 0
last-modified: Thu, 10 Sep 2020 12:11:57 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 09 Oct 2021 17:15:19 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 9929 6 KB
4 KB 28ms
28ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

54c9b7b6cd393fbb59ca434ceb7af9c2a5ec2f8700e83ad6af48066c5b39dddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 09 Oct 2021 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4471
x-xss-protection: 0

GET
H2 200 60005582_20211008010324390_STANDARD_728x090_LOOK-01.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9929 4 KB
5 KB 15ms
15ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211008010324390_STANDARD_728x090_LOOK-01.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0250bba6f453cf69c7ce667527d834b9c14917feb67722c0dd7219b6f772bde

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 08:56:41 GMT
x-content-type-options: nosniff
age: 29581
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4497
x-xss-protection: 0
last-modified: Fri, 08 Oct 2021 08:03:24 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 08:56:41 GMT

GET
H2 200 60005582_20211005055544092_STANDARD_728x090_LOOK-02.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9929 4 KB
4 KB 16ms
15ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20211005055544092_STANDARD_728x090_LOOK-02.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

91d7228068f0ba3d2385d75a84de02145b4ee8d90ff47c14e00d650a4507a55e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:04:13 GMT
x-content-type-options: nosniff
age: 14729
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4050
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 12:55:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:04:13 GMT

GET
H2 200 60005582_20210507060843268_Asset_Transparent.png
s0.2mdn.net/ads/richmedia/studio/60005582/ Frame 9929 2 KB
2 KB 16ms
15ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/60005582/60005582_20210507060843268_Asset_Transparent.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61832784/20210623080512844/728x090.html?e=69&leftOffset=0&topOffset=0&c=EcjowQQ2x8&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 07:35:55 GMT
x-content-type-options: nosniff
last-modified: Fri, 07 May 2021 13:08:43 GMT
server: sffe
age: 34427
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2040
x-xss-protection: 0
expires: Sun, 10 Oct 2021 07:35:55 GMT

GET
H/1.1 200
OK postview.gif
portal.blau.de/nws/img/ Frame 9929 43 B
616 B 40ms
10ms Image
image/gif 82.113.101.236
TDDE-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://portal.blau.de/nws/img/postview.gif?partnerId=BLU_DSP_TRA_HAV_34114_PV&mediacode=25093339_4307561_299751472_154735167_PO0903A&ref=25093339_4307561_299751472_154735167_PO0903A
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 82.113.101.236 Hanau, Germany, ASN6805 (TDDE-ASN1, DE),
Reverse DNS: portal.blau.de
Software: Apache /
Resource Hash: e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Last-Modified: Wed, 26 Aug 2020 10:11:24 GMT
Server: Apache
ETag: "2b-5adc50abeeb00"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Connection: close
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43

GET
H/1.1 200
OK 401657ace6 Show response
bam-cell.nr-data.net/1/ 49 B
925 B 590ms
542ms Script
text/javascript 162.247.243.147
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://bam-cell.nr-data.net/1/401657ace6?a=16006056&v=1210.e2a3f80&to=b1ZSZRdRWxJXUEFfClYcY0EXWVsGdVxbQhdXX1xUFx9wGVVbVFgCXXBfXxFCWg1aVkcZDFZXVUk%3D&rst=4787&ck=1&ref=https://www.pointtown.com/ptu/exchange/index&ap=29&be=2900&fe=4645&dc=4193&af=err,xhr,stn,ins&perf=%7B%22timing%22:%7B%22of%22:1633799377567,%22n%22:0,%22f%22:0,%22dn%22:1,%22dne%22:2,%22c%22:2,%22s%22:8,%22ce%22:20,%22rq%22:20,%22rp%22:769,%22rpe%22:2659,%22dl%22:772,%22di%22:4162,%22ds%22:4162,%22de%22:4194,%22dc%22:4645,%22l%22:4645,%22le%22:4648%7D,%22navigation%22:%7B%7D%7D&fp=3074&fcp=3074&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/nr-1210.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.147 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date: Sat, 09 Oct 2021 17:09:42 GMT
Content-Encoding: gzip
CF-Cache-Status: DYNAMIC
X-NewRelic-App-Data: PxQGQlRSDwUFVVVTFR0VMQFTYkEDCBADUxZRDVZkG3xWEU0YdQhAEgVCVAkDEWQcfgEVFk51XhUUUEJQCgMRQBxSFlIUChoLC1AJUHRMB05WAhtDU1APV1VWVlYCVAdRUAMBBUBKBQNcEV0/
Server: cloudflare
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
access-control-allow-methods: GET, POST, PUT, HEAD, OPTIONS
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Transfer-Encoding: chunked
Cross-Origin-Resource-Policy: cross-origin
Connection: keep-alive
access-control-allow-credentials: true
CF-Ray: 69b937dc1a1739db-CDG

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 9929 17 KB
6 KB 68ms
68ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 09 Oct 2021 17:09:42 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5B50 12 KB
5 KB 14ms
14ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pointtown.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Sat, 09 Oct 2021 16:29:25 GMT
expires: Sun, 09 Oct 2022 16:29:25 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 2417
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3126 783 B
980 B 23ms
23ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

f57c4c7b33cfd3604dc84f037609639b1e2e7c382d35c162bf7c18f58a7c357d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-aKFmJBGTjBj7/F//dPsUWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pointtown.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 09 Oct 2021 17:09:42 GMT
date: Sat, 09 Oct 2021 17:09:42 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-aKFmJBGTjBj7/F//dPsUWA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame A4A8 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 15:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 08 Oct 2022 15:56:39 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3126 0
0 66ms
66ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gpt_2021100401&jk=3249395265651571&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H2 200 m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js Show response
pagead2.googlesyndication.com/bg/ Frame 5B50 35 KB
13 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/m_71LU70zG8G78x6hYSYf2B3ELc7BGRgbsZokPhgXAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Fri, 08 Oct 2021 15:56:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 90783
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13358
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Sat, 08 Oct 2022 15:56:39 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6C04 0
58 B 49ms
49ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BqUo21cxhYdHeItKW3gPhzbiwCAAAAAA4AeAEAg&bg=!wMOlw4fNAAbGFvHlxhY7ACkAdvg8WpgjGf_7dVjiu6S9TDTgR99KTgg_hJZdoKClckWtQWksLNJJ5AIAAAE1UgAAABVoAQeZAwN2A4bR4i9-BfqajFzxAbpQyGcArHbtoOyigIzRN7WJd2pCIfn8U_w_vsKZ52O2ZdJl4wmpBv5HC12T0rOJVQbGVqNzaL_kVT1wUFlmVx1bgI-Zjc8zmtm-XnSfrkitz7jiNJRL4sIMGW1cmgVleYDbI7vhLSNl6ZdLe-jtRZ4G3YsAW_cMTglgNcVgCbLSnSJe4I9U3d2X1hTsATB3fEkuaPp2e92B1jdubM6UTuhblhKPDQ2kul2MUm792sLj3G8WN3TKZgiPV_N1IeTW3bkmhVeehUs6lNONpqUmXX3nfMHqhp3u37B7nuSBQUxFZo10HIZLAphxotADLZOqdMnBLz2JDVfBZOijhx6gL7nAP_okZIUBonau-XGq3S93GpYQb6TDT7FZcxsQHoLeDhSnYfjPEkddz6mkbz6EggcOv-u4qg2eGywQH6AocYtF0y_cIpxW_MFlYmuSNuLZcC-TgGHIQ6kiZfuHNgpmVavXsOGB4ZwU8JW0XOwOna7jvwVLa3RbnsAL1K3MILYUJFcphYuGG5FJl3FqUZL7iUC7I0dHzAUVgTNfrbsAoquBTuuckkA48O2vl1ndKnoDA1fO-RaC-tUmnO-HaqrhCMmqKtR1DhFFDYt7qV1PoogA5PybRE_DX6prd-_aVLCKnpWYse683RZrW-uaGtelKPW7YVPz5KFJq2tsS7Lb_IVwnZt1y9MkxsuQ5Sg3iUcBPaN6Oj2sT4COR1aeSjUkFGOeswhsJz8vS7qhhF22eJ-6zvu7ypeUcURvfwJ36LC0v8kPC8BFAIY70cF4OZ4qFEhFM_vZs0mza63YgRXQoqPFXKQetsHmCezZzBIwVA42ahuwzDtpjwA_38Yxa4ODRmQMrfRa63SFkEadH5Ojr1VK_zZONJPtlRSpO5m8SVZsuqbUoyfVr64wx3jOfZZQ7RXWwm5cqqls4d3-gambir_vOTiSasq2hbovvePnltHGYs-NaF6OkVrVtpOPqfz3v2MRfkIppm1ly26ThV_WavfkC3YJVFE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEEA 0
56 B 50ms
50ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BspDO1cxhYb76I5qK3wPrh6HgDQAAAAA4AeAEAg&bg=!EBOlE1fNAAbGFvHlxhY7ACkAdvg8Wu1QELYByIoBVDdi9fImzHNv_7IcBgqX4ndhUzVl8-8A0Dv3jQIAAAEZUgAAAApoAQeZAxBC-I83_Hu2bQhurUVTBu84VXsFeDN4-e2pFOCa_TgyX_gqWy1JIrcQYc6Tqt35cQjt8GQ_wWx2bxbbqUSx0uk_NF5AVfHPrUEJOhcPvXJkiJx_EGU9Pa3FvOaP3-a0-ZDVB69_9C8f75COcrhh6Eb9XfJ1SteVJZPNjzHMi0-scbbS87ODawPv6WXe6vk6huvjwh9N5s-k-IywRiNzPYKV-gNzvTfdkAaN2Y2bSOi0wG06KfXJk1xHCK_IRvJyFrrcrnjX5RtnUKlyLyP6fyflppCwHWXjxsIMEvIEmWjYrwb13im17_G-ySVvEcPVc-cCSom5_eVaUZIzbtAGQJYO5KVQ0v2teO43WETbQ6RjBUu7i00Eg00luLNEGMI0GC1zHtbGDfcxlC-NMKPIv2Qc885kxegBxExorw-IZmrXIPLXiiQ_OSfCl146QnFj4Tj5h2VG8IjtTUWIm3fQm3PMftI7k0r3gGy6VIfuvPRAsD-QZd-fUaM89OYeCRIQ1vg1MHcVZq8g4zWubKFG9ZkII1oRWdvdPVziVetGrDg33frrdv3QNH9RO2WVCjh9FePGZx1fQ3hXxqAWzBdSX7Ju2kaplByUoPDLaUKL4aNmRTqmeK9oQ6rANdFCh9QwJDl_IdFe4foIabqz-_qAb9yFqPX039bdXVRkcxXJRwXmid2-D_Ow3e2sQzHncjz0ajqw2tU1MgagEfU_R9jXVXDO_04Qk333BxR3yd6ZoS_mUM_c-cFuenb_6ISoho18IJq5VtJ4Tv395g7Ye2U9MqvEXeueKntc_HeoXLrqd5UNXTozXrPguPCTAnmYTq5FPp5uNxd3HatL1GTPlGHDlag68VNuU4ezGTPhMMuC4Td3EnID_rK8k1inwH8BAVQq5aCFyRZvdJ-G5wf4Y1sg-dke4s9jyP8LQkmBAt-2w4CJZJyx793p3Wlk-A5g1sb2XuuAj7wtCryNcuhYA4gVv4LCzAm4U_r4s4eSimp-UK7KSRTc2uezAlx4nkWqlrHGdK1ijxjjBUqT9xcR4PlacYbc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 50ms
49ms Image
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gpt_2021100401&jk=3249395265651571&bg=!NzSlNHDNAAbGFvHlxhY7ACkAdvg8WrAmoN57hEtBQKECu9R-R1ocpnXozOO8dcSWjrf0i44LlslBCAIAAACNUgAAAA1oAQeZArHwZkQwIQ82yiGxPXGgEMTvdrYlgr1vQabpMcxUamH6qx69eu4ISDP4woK_Unj07wSZOYcrSvwV0_BhagTDo43XiIB0J97OgSBpgXgezg3jTdUrG-fnbFuk68nhw4TJkmfy26YNpsubjRXSJJfEuNJq9Lutq4TZGIRHmPslVwR7v-cGd54YMeKy3Qxlt6IG8n9KJDc8oeh_7tblLeAazSjnncNNj2eEfqXno3kI7M5hKe6_q71adLg0rQdZUi12E10yN8KFR7g_QINrsa_44zSHAHtGrqfmYXxzxK4cM3cXumMHBtsTiZg3XX3t0UwmzDGQYv8cvFP0IqVkWAt46DxQGi7CzNVaYk5nNwdv1OerJTQR-66Aet2bOrufjWU6FTSvpg5MA2XRSLnr6w8MqVUjyKh5nWkSVy4tgd-5Rk5sfDnautVymzvqLGufpgbbNP5Gi-F-F8bbRCrQ6dLgu6R7I-0PLH_NmSjSTlSEdO7J0Lp7fX37k9GmwgKTwHVcOaLI2UVI0_x3LQHGxL2Sk1rPtKEtEU8gxhr7kxNSS46sYvrsBBJJJ3UvcsdNK5Fq6qmuxhdzpSK2NOva3VSkKxcat-q8Hy8j-zzUzjlI0CtsOftxEQBcuNUmuYOZN-od5l-sTPqk7tVJRNjHcTOjKqSDw62Ag8VYw3NdXF2UzHpEl_QJgbGM3GX40cWKjDeuRJvblCbF4pY6nGo-dKBTSjiDocme0zjvB-I6GMNa2fNNgBVJOw-MJHScKGjj4RqYL1G_YD5qbgu0e4Y0TOTd9IW-PL-7ka1U_j1K29nkIpxtO48uokbOoAUel0J4nRJ2KQ8Cb1K1m-m8lY3ub6nG21x36s2cRgaFVCYAt9q_9s3YTc6IVr1hHvtudiUQqfZ0Z3nisubnJ22s7XdC5twNEebVTQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:42 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 6C47 42 B
174 B 54ms
54ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstCKEBVF8dyegqTkCKJ6WI8zJiQ0GEGPYJSyv5ZTUjjvtKaPtGAb2jGAddpri6uBHU385PFWPpiFkvW8y2HWxQE20lcZPrTRO-18gFtgFmW9bUfcHp3ug&sai=AMfl-YQM5jMTKDi5kb5q6GMwm9mBri1NN4xBouO448h2KKmxOR5VYDKxskWg7T5R1iWtp7xVO6etcY8mzGW5QAZIZxLZYTbFMFUfDDZ-51RPIu5YZQCiBObBeqOy3o-G&sig=Cg0ArKJSzInLsG7i_EYQEAE&cid=CAASEuRo5XYOvfgL1MVf-FlzfHeVFQ&id=lidar2&mcvt=1000&p=0,0,90,728&asp=39,292,129,1020&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211006&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=808753895&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1633799381204&rpt=815&isd=0&lsd=0&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 09 Oct 2021 17:09:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 115557.ct.js Show response
intljs.rmtag.com/ 18 KB
7 KB 44ms
22ms Script
text/javascript 34.102.147.248
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://intljs.rmtag.com/115557.ct.js
Requested by: Host: jp-tags.mediaforge.com
URL: https://jp-tags.mediaforge.com/js/5619/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.102.147.248 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 248.147.102.34.bc.googleusercontent.com
Software: /
Resource Hash: b05290089ca07dfafde613f9988a193a4cf0a0eeabc6a8ccd951a26924b3a1bb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:43 GMT
content-encoding: gzip
last-modified: Sat, 09 Oct 2021 17:09:43 GMT
x-cache: hit
x-samesite: secure
via: 1.1 google
cache-control: max-age=86400
accept-ranges: bytes
content-type: text/javascript
alt-svc: clear

GET
H2 200 style.css
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/ Frame A9ED 1 KB
471 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b64921997bfcfd4e9b15810b9107a3686e5daca86e15624744940090231d0c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:12 GMT

GET
H2 200 txt2@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame A9ED 1 KB
1 KB 14ms
14ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt2@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e28f457f2dcddef9f1bf5b8aca5edc7ac8c0096d5dd54e5c73fc29e88dfea6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:12 GMT
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1228
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:12 GMT

GET
H2 200 txt3@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame A9ED 1 KB
1 KB 16ms
15ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt3@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e6c7a911b2262af474cb07fc64861a1fca560c349f579267602793a29def7e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 03:57:51 GMT
x-content-type-options: nosniff
age: 47512
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 03:57:51 GMT

GET
H2 200 txt4@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame A9ED 1 KB
1 KB 15ms
14ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/txt4@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ba85ff98bcc93beb0bb5c716df720cf3317f7e98c1a16e86e2ff4bcdd0ff4943

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:12 GMT
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1084
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:12 GMT

GET
H2 200 cta@2x.png
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame A9ED 705 B
769 B 15ms
15ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/cta@2x.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0401d2177016be36142e4ffb48989c6e1c899bf115b17dcfd919e1e8897f4122

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:12 GMT
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 705
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:12 GMT

GET
H2 200 logo2.svg
s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/ Frame A9ED 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/img/logo2.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/9758366/1632756469156/5-IWE-Bayon+-Leaderboard-728x90-Bayon/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 13:00:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14971
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1053
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 15:27:49 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 10 Oct 2021 13:00:12 GMT

GET
H/1.1 200
OK data
b70.s79.research.de.com/ Frame 6C47 43 B
308 B 12ms
11ms Image
image/gif 136.243.12.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b70.s79.research.de.com/data?/8dw6E9XAATkzFARksFAQtjF5rJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h309.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:43 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 09-Oct-21 17:09:42 GMT

GET
H2

200

5619 Show response
ut.rd.linksynergy.com/pix/ Frame 1590
Redirect Chain

https://jp-tags.mediaforge.com/pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true
https://ut.rd.linksynergy.com/pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true

16 KB
17 KB

21ms
21ms

Document
text/html

34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ut.rd.linksynergy.com/pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true
Requested by: Host: jp-tags.mediaforge.com
URL: https://jp-tags.mediaforge.com/js/5619/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: a6ded06867453d17de2f280da971358c457e5b4490c0a5b6199c4f887b893a63

Request headers

:method: GET
:authority: ut.rd.linksynergy.com
:scheme: https
:path: /pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.pointtown.com/
accept-encoding: gzip, deflate, br
cookie: rmuid=19c9dc22-3942-4a98-a11a-c57c7fb8ac71; icts=2021-10-09T17:09:40Z
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/

Response headers

accept-ranges: bytes
cache-control: max-age=2592000, no-cache
content-length: 16882
content-type: text/html
expires: Fri, 08 Oct 2021 22:09:22 GMT
last-modified: Sat, 09 Oct 2021 17:09:44 GMT
pragma: no-cache
set-cookie: rmuid=19c9dc22-3942-4a98-a11a-c57c7fb8ac71; Path=/; Domain=linksynergy.com; Expires=Sun, 09 Oct 2022 17:09:44 GMT; Secure; SameSite=None icts=2021-10-09T17:09:40Z; Path=/; Domain=linksynergy.com; Expires=Sun, 09 Oct 2022 17:09:44 GMT; Secure; SameSite=None
x-samesite: secure
date: Sat, 09 Oct 2021 17:09:44 GMT
via: 1.1 google
alt-svc: clear

Redirect headers

content-type: text/html; charset=utf-8
location: https://ut.rd.linksynergy.com/pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true
date: Sat, 09 Oct 2021 17:09:44 GMT
content-length: 168
via: 1.1 google
alt-svc: clear

GET
H2 200 p
consent.linksynergy.com/consent/v3/ 37 B
335 B 48ms
21ms Image
image/gif 34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://consent.linksynergy.com/consent/v3/p?rmch=cs&domain=www.pointtown.com&sought=false&tp=gdpr&attr_sid=115557&purposes=&vendors=&ext_id=8004c562-f850-4385-9897-28acecf1b49b
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.pointtown.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:44 GMT
via: 1.1 google
content-type: image/gif
alt-svc: clear
content-length: 37
x-samesite: secure

GET
H2

200

cs
tags.rd.linksynergy.com/ Frame 1590
Redirect Chain

https://idsync.rlcdn.com/458359.gif?partner_uid=19c9dc22-3942-4a98-a11a-c57c7fb8ac71
https://idsync.rlcdn.com/1000.gif?memo=CPf8GxIwCiwIARCd5gEaJDE5YzlkYzIyLTM5NDItNGE5OC1hMTFhLWM1N2M3ZmI4YWM3MRAAGg0I2JmHiwYSBQjoBxAAQgBKAA
https://tags.rd.linksynergy.com/cs?ns=lr&uid3=213623a6988e0e733c20ba2cc243f65c06f043a528de7fe9041b683b6c9ec3946ac34734d8e453ee

37 B
300 B

37ms
21ms

Image
image/gif

34.98.67.3
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.rd.linksynergy.com/cs?ns=lr&uid3=213623a6988e0e733c20ba2cc243f65c06f043a528de7fe9041b683b6c9ec3946ac34734d8e453ee
Requested by: Host: ut.rd.linksynergy.com
URL: https://ut.rd.linksynergy.com/pix/5619?type=pos&href=https%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex&_rm_fire3p=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.3 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 3.67.98.34.bc.googleusercontent.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ut.rd.linksynergy.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Sat, 09 Oct 2021 17:09:44 GMT
via: 1.1 google
content-type: image/gif
alt-svc: clear
content-length: 37
x-samesite: secure

Redirect headers

date: Sat, 09 Oct 2021 17:09:44 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://tags.rd.linksynergy.com/cs?ns=lr&uid3=213623a6988e0e733c20ba2cc243f65c06f043a528de7fe9041b683b6c9ec3946ac34734d8e453ee
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK data
b70.s79.research.de.com/ Frame 6C47 43 B
308 B 13ms
13ms Image
image/gif 136.243.12.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b70.s79.research.de.com/data?/8dw6FH7AAl2yFuvFfhFwpFTkzFARksFAQtjFKlRNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h309.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:45 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 09-Oct-21 17:09:44 GMT

GET
H/1.1 200
OK data
b70.s79.research.de.com/ Frame 6C47 43 B
308 B 12ms
11ms Image
image/gif 136.243.12.210
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b70.s79.research.de.com/data?/8dw6GLOBATkzFARksFAQtjFLtJNSA
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 136.243.12.210 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: h309.meetrics.de
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 09 Oct 2021 17:09:46 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/gif
Cache-control: no-cache,no-store,must-revalidate
Connection: keep-alive
Expires: Sat, 09-Oct-21 17:09:45 GMT

Verdicts & Comments Add Verdict or Comment

161 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

60 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.pointtown.com/	1970-01-20 15:21:11	Name: vu Value: dKTewD9s1JuhUJcYDAzJtdouI7ys3fSGdKTewD9s1JuhPgNttHUU6Dd+F7NXedKUKi/Y9CO04DJK2ujfKtHLSMqN6MHhUx9Cwk+nDmz8I0et8ubjOMiiqWqDR6dkIz2LzibSqocmso0
www.pointtown.com/	1970-01-19 21:51:25	Name: cref Value: http%3A%2F%2Fwww.pointtown.com%2Fptu%2Fexchange%2Findex
www.pointtown.com/	1970-01-27 05:01:59	Name: cunibr Value: OLiZJOHjf3J
www.pointtown.com/	1969-12-31 23:59:59	Name: JSESSIONID Value: 3F7CF2D4D7ABD17FE9B8C3ABBC8615C4.tomcat04
.pointtown.com/	1970-01-20 06:35:06	Name: visid_incap_1652102 Value: LU83gedXQQOaEOw29m9SWdHMYWEAAAAAQUIPAAAAAABAqQIQKn395kyIW7gszyv5
.pointtown.com/	1969-12-31 23:59:59	Name: nlbi_1652102 Value: 5AAeWt4/u2f+9rDZTitn/wAAAACj4QAFdtSmTyOHMUQeVqng
.pointtown.com/	1969-12-31 23:59:59	Name: incap_ses_1309_1652102 Value: FKWdHsS5XQCF1PRl3YAqEtHMYWEAAAAAYOZDWnNz1QcFtmnA0MyThg==
.pointtown.com/	1970-01-20 15:21:11	Name: _ga Value: GA1.2.1374866761.1633799379
.pointtown.com/	1970-01-19 21:51:25	Name: _gid Value: GA1.2.223457300.1633799379
.pointtown.com/	1970-01-20 06:35:35	Name: _qg_fts Value: 1633799379
.pointtown.com/	1970-01-20 06:35:35	Name: QGUserId Value: 1124769015857542
.pointtown.com/	1970-01-20 02:09:11	Name: _qg_pushrequest Value: true
.pointtown.com/	1970-01-19 22:10:08	Name: _qg_cm Value: 1
.c.appier.net/	1970-01-20 06:35:35	Name: _auid Value: fNtcdO6hDpCPyixh1MxhYQ
.pointtown.com/	1970-01-19 23:59:35	Name: _fbp Value: fb.1.1633799380871.483041284
.facebook.com/	1970-01-19 23:59:35	Name: fr Value: 0E7bh5DiNTJkr9v3K..BhYczU...1.0.BhYczU.
.linksynergy.com/	1970-01-20 06:35:35	Name: rmuid Value: 19c9dc22-3942-4a98-a11a-c57c7fb8ac71
.linksynergy.com/	1970-01-20 06:35:35	Name: icts Value: 2021-10-09T17:09:40Z
.yieldmanager.com/	1970-01-20 06:35:56	Name: A3 Value: d=AQABBNXMYWECEC00z3BdPiY_8RupuUOlVcsFEgEBAQEeY2FrYQAAAAAA_eMAAA&S=AQAAAtuZkPEDApX0s4PJwCRkbig
.rfihub.com/	1970-01-20 07:11:35	Name: rud Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDAxNTQyNTawMBDiM9RNKQ3J9Axx8iovCDSW4jU0MzY2t7Q0tjA0MLQEANBS5dk0AAAA
.rfihub.com/	1970-01-20 07:11:35	Name: cmd Value: H4sIAAAAAAAAAONiNBTiNTQzNja3tDS2MDQwtAQAeI7T7hIAAAA
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNjU0MTI2NjM3tDAxNTQyNTawMBDiM9RNKQ3J9Axx8iovCDQGAJhzxBAlAAAA
.doubleclick.net/	1970-01-20 07:11:35	Name: IDE Value: AHWqTUlmTPotaawLmxDoKCh6vqxIUYGdXc3jpUsWqg2ttXNV2SVNyD317RuUn_DcwBw
.pointtown.com/	1970-01-20 07:11:35	Name: __gads Value: ID=92c4feea819e2163:T=1633799380:S=ALNI_MYm98wGiqRtCV-uvvqChYLo2nSeBw
.c.appier.net/	1970-01-23 13:25:59	Name: QGUserId Value: 1124769015857542
.casalemedia.com/	1970-01-19 23:59:35	Name: CMPS Value: 5203
.adnxs.com/	1970-01-19 23:59:35	Name: uuid2 Value: 2219662178640436391
.adnxs.com/	1970-01-19 23:59:35	Name: anj Value: dTM7k!M41.D>6NRF']wIg2GU#J8Njv!@wnfH8K6pQK`!5=E<*L5?%M-.RKzv26m62k]=6kk3CfQkNZD4:/`DWu55guP(hw9P-HC_#tt$2)iRg_
.casalemedia.com/	1970-01-19 21:51:25	Name: CMST Value: YWHM1WFhzNUA
.casalemedia.com/	1970-01-20 06:35:35	Name: CMID Value: YWHM1amat.iaK.BkGhoW1wAA
.casalemedia.com/	1970-01-19 23:59:35	Name: CMPRO Value: 1197
.casalemedia.com/	1970-01-20 06:35:35	Name: CMRUM3 Value: 2d6161ccd52760CAESEJc_tnGps7GkTuLaGkwJ_fA
www.pointtown.com/	1970-01-19 21:49:59	Name: ___utmvc Value: 1Q85QqXsSe8pkcn0imQjKZlrOPzEuRaQNUeC6R/K3e7O38CXG0aRdpMnoqYwLgjWVJ/NoN96r94ThSljRzii4zvYxWFsMsWeMdLXRWneWVNY87c/LrdGMDGpI1hJ0mzaxtHcxRGN/xj0LmDFPfdUqkO3skdEhnatShfxSVu7o+4rKbRo936fNwCf3Mq2VW5lzZI6/7bXFuLDdFW6nU86Hpv44WleFCV2L3+UIrLQTQxZiYtbhLsBmwmbY90Pa61xk10A9yIpavJuRg9W/iXOSb0+CPR+QnQO7Qw2PMpMPUXaBUasjfblYLYvJp5dcNUI3nA9bsnlyTZhG6iKVOTk5tNzFEHBqqK52tJ41K9x9vNMbM8VkdZ5gWK1hnAsiMO5RrRPdK/nTei1MCyJ3UlaJ7RzTjMIif+17RYNfNNjEckxuoHzPacStGPh41sR2ThLwdUPcAjt934yn7EAEisHQwduK4kuI6umLIoqFmDkvRcOzrHMaXrJJeKUFpaqhnLYlCCS2t0ekBoCd3xb3qdu30Kn73kc+GwHdNlgKApq3qZYkweewiMehFDIWxRIvVAXHTGffMvDoNk0I7T+WNcslQKDq4LbHIOMWp5w/VXpGza+dWhUuN+T4NIZrVTkE5oC1xBj112OWxtaD621EKCnbxZ+rsjAOUNq7RRXtAaNAkrKHUVT671K+F61VpqSpQywKR16vghdgKMvbqLTCk4Db7/vmVbnTMdWdxtQnCXXlk99xfZDm9h91Mg1iyoN0xrlfnqJrXi5LelTz2+lLiOqCbGGwQc9wxV+7vhIlhyKZ+cQ6JbLMp55e1osUqp92vi9uH10p9JqqgO6G7nsGrditO/IWac8S+jrMgiLBNDtaNQz9KLFeS3mclgh3A2R79LsrwNru+YhbYpIDK/tqpgT9kMM8x/8W0tLlG3nchaJ7CZQvbHXWZVvIJxRssoUAYhpWF9jrfAF0VeWQmM/7v7K7Td5iU5MmPcwwgSAXfgxFbWCwpq72fTA34MOqnc2lzSoAOR1AsV83fCX9huphaOnsvnDMVt5g6nLe0PeiGhEybkmkVw5kWAB1X6bYRU0+mwqACfDW/e/yXjZHZVTgoWp1n+S7MLQb5GuntuzVZ7cWj/22kvMuvkBzsB9Qg0Tot9mhKu0fxbvbnodyPg3ZzUnoDMZhKrsTTdyFkcfVxKwUhlUtTnDr4oOYeCzktTLTvfcmYdlYVXr00i9oPsEpPpvCo7ueZ4N7CdnpdLXJgvnA+cpoFVuJJYYnC8G9PO6mjGqlj4nt4h7qU0cPRd7KBvFNtQ6d6Dq/qg2+7zNpz2ffK4rRVGBK5zYLEjmG9ys8yrC0QlgnXz81bqGJFeprcbRvhyJGTH5V5QMA6K6fKWbj7evDZqjjGlaVmHWd0z4DOJwev0qIwlbJ2DJb7wZaegWuOQI58SjOboka2HwM5v7ip9NpdALO+8uB5lY8ntLCW4/dEcnUHa7fBYBSsj+fZMlKidhd6Xl9PsOW3F5aWbhrg6ieZfVkRMKwf+IXK8i1geFt5OhlpmowB4syMq++uEBBXJW945tftaXUhfz6z82TAo+gvNBAepm8bpfaUqDpR4tgtM9M27OU01+HBxrWj7Bz4ktOrWEqZKNgdSkR7KU5IeRFMnxz3Go0us6pIGb8sFw0ztnafTLHat0/ct4JNKjzAZ6MI2wT/aUFopAIExWbkSV8kYgzyyrUbdIgzhObaeTCm+d7Oc355mqdO2e67TGsu9T5pp4zak6a7bC3m18njVsT+nGIEnCWJFPTm3Gv4+2mSDJgPSXOrc41NbfaoAglc6wjdGhj0xl9S0Igll/SS05ZXcnKeTPN/dH+/jF5/Ck0MRJiLimLc9j2izwefOau5PbjtMIF2a29Asz+nF7Fc4iGU+vZea7ajXi/0EylU9ymfL5tmxPz6jtQMJU0ARuCMszfb7cJrZaHBdsts2wzpjg0ppF3I9QT5YuyBgWFirHQWnpYL3dtYpXf8UTsQ7FBOb7WnbQ/5axYQ+qINjsbGd8d7ErstX/r06JBGVoXiBHXlTz41u52iPGhr14TYS/QkXVl5WPyzdS5JulcTvLEwhL3E75jAeTpnK0i4nnhP66qAPrqnB4xhSpKartLyPbHhPLzMZDHDJJfbJVJiRRApdAPHKZelwXSzuJP9W06vKtZN2VDnYhflVyrHAl/bPHmj5z7KjTMyzeSuBraWPQMHTzi5emm/5tI5S1KoX3yF/g0BiKMkVx1YTphqPGV/QAn6o01Svvjw3tvq7Goycqetb7fVpvUXqMCzNLdgY3FEDKME7e0BV7eVybw3SlbF75JmBmjqBfxxO01chZjMWzNkhHuggI1dKpZvmGMGoiJ8RtB+AhSo1qgd4j61aLUbGqFvnMori0X1zYE13u8hXM6P+fitVnRC5zjXVRCpV56V1wmZ3pf2dN1AzfJ1pnLLNudnCmkisX0g3Cc7KyZgq9GisLQiJGrdPRdX4uYmvh6PlaHU495AkG14Rh/v1bPn3WyfkDz4GW5TvCx0MtyGGaNQXsxzRJjvrkAeSj2rGHna5XKrxJRWUw+1c1Tnx6F8z4wkS5ycwjSA5DmsOJyWUGRAeJE9qUJVj0G2KhZJaUpVP8MnTVmDI12hlfgCy1hASP4xMU8cnzlSY1ei8s/fS8bWqCbqDT2Dd//xeA/1AdJpajucmoKH93EqgZLGRpZ2VzdD0xODQyOTQscz05NTdlN2Y2MTljOTg3ZTdiYWNhYjhlYTk3OTg4OGI4OTliNzlhYTgwOWM3MzZmODU2OTg4ODJhODkzNjg3NGFkNjdhMDdmYWQ4MDg5NzE2Zg==
.yahoo.com/	1970-01-20 06:35:56	Name: A3 Value: d=AQABBNbMYWECEGfXdmZCKk6ui2DyBC2-caoFEgEBAQEeY2FrYQAAAAAA_eMAAA&S=AQAAAlfxEmVlLyPp2-CvrWYQcvA
.3lift.com/	1970-01-19 23:59:35	Name: tluid Value: 15974371582494438413
.adfarm1.adition.com/	1970-01-19 23:59:35	Name: UserID1 Value: 7017114913916975243
.w55c.net/	1970-01-20 07:20:13	Name: wfivefivec Value: 9utMBlde1MzfQW5
.bidswitch.net/	1970-01-20 06:35:35	Name: c Value: 1633799382
.bidswitch.net/	1970-01-20 06:35:35	Name: tuuid_lu Value: 1633799382
.bidswitch.net/	1970-01-20 06:35:35	Name: tuuid Value: af333c3f-ca12-4205-8a04-a25eb514b385
.quantserve.com/	1970-01-19 23:59:35	Name: d Value: EAQBCQG4JIEA
.quantserve.com/	1970-01-20 07:20:13	Name: mc Value: 6161ccd6-1a126-320df-442ab
.analytics.yahoo.com/	1970-01-20 06:37:01	Name: IDSYNC Value: 18yx~20v5
.w55c.net/	1970-01-19 22:33:11	Name: matchgoogle Value: 5
.rfihub.com/	1969-12-31 23:59:59	Name: euds Value: H4sIAAAAAAAAAOOSMXR2dA12dfUycQ_yDjFKMvZISsw0zgiuLHa1LAcA_YR6eB4AAAA
.rfihub.com/	1970-01-20 07:11:35	Name: smd Value: H4sIAAAAAAAAAOPiNTQzNja3tDS2MDI0MgUAlRFPLg8AAAA
.mathtag.com/	1970-01-20 07:15:54	Name: uuid Value: 77436161-ccd6-4800-837d-30c13a2c9498
.mathtag.com/	1970-01-19 22:33:11	Name: mt_mop Value: 4:1633799382
.rfihub.com/	1970-01-20 07:11:35	Name: eud Value: H4sIAAAAAAAAAOOSMXR2dA12dUqJ98g3TPc3tEgJtSj3N6m0LAj0zA_iNTQzNja3tDS2MDQ0MpnFiMQ3MDJYhcZ_hS7PguAbGZqYAgCxxaBpbQAAAA
.scoota.co/	1970-01-20 15:21:11	Name: tuuid Value: 15ff2253-071d-4ec0-a10c-2ab5f965c170
.scoota.co/	1970-01-20 15:21:11	Name: c Value: 1633799382
.scoota.co/	1970-01-20 15:21:11	Name: tuuid_lu Value: 1633799382
.blau.de/	1970-01-19 22:00:04	Name: webShopPV Value: ?partnerId=BLU_DSP_TRA_HAV_34114_PV&mediacode=25093339_4307561_299751472_154735167_PO0903A&ref=25093339_4307561_299751472_154735167_PO0903A
.dc-tag.jp/	1970-01-20 15:21:11	Name: dc_id Value: e51c5631-d958-4e86-98bd-6575b0b99aaa
.turn.com/	1970-01-20 02:09:11	Name: uid Value: 3963588693513467896
.tribalfusion.com/	1970-01-19 23:59:35	Name: ANON_ID Value: a1nseFMwTkF6Xlypr9jDEwRaf9fhdoOCPZc1V53Loxd9JfYWYRkUFAK8mQJ6HC0l8UVVRbFXC0JPu7Sh8B251
.intljs.rmtag.com/	1970-01-20 06:35:35	Name: rmuid Value: 296f8b75-5d71-4ee2-9c9f-11e6814f2c55
.intljs.rmtag.com/	1970-01-20 06:35:35	Name: icts Value: 2021-10-09T17:09:43Z
.rlcdn.com/	1970-01-20 06:35:35	Name: rlas3 Value: MQWhuCBx4t7B+LIOxpU5bpLrVNeF881hgXlRorA0KGI=
.rlcdn.com/	1970-01-19 23:16:23	Name: pxrc Value: CNiZh4sGEgUI6AcQABIGCOTrARAA

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.pointtown.com/ptu/exchange/index Message: Refused to execute script from 'https://ad.yieldmanager.com/pixel?id=2237487&t=1' because its MIME type ('') is not executable, and strict MIME type checking is enabled.
network	error	URL: https://a.t.webtracker.jp/js/a.js Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://sync.adaptv.advertising.com/gg_pixel?google_gid=CAESEC7p_L1BRtoPRKKl6ro-wgU&google_cver=1&google_push=AYg5qPJz_ntwe5f08wzpefw2m4TXDbxH5AcEaBH519gmfdRKIRhhxCda77mpexxys0Maf5sR_xFIbhWU0y5nZc3zlCMHiY0sJKQ Message: Failed to load resource: the server responded with a status of 403 (Forbidden)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20626465p.rfihub.com
a.rfihub.com
a.t.webtracker.jp
a.tribalfusion.com
ad.turn.com
ad.yieldmanager.com
adservice.google.com
adservice.google.de
aiqua-config.c.appier.net
aiqua-sdk.c.appier.net
aiqua-user.c.appier.net
analytics.karakuri.ai
api.quantumgraph.com
b70.s79.research.de.com
bam-cell.nr-data.net
c.amazon-adsystem.com
cache.img.gmo.jp
cdn.jsdelivr.net
cdn.qgr.ph
cdn.qgraph.io
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
connect.facebook.net
consent.linksynergy.com
d0624c6bec62c7537028141308a2ecf1.safeframe.googlesyndication.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eb2.3lift.com
gocm.c.appier.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
img.pointtown.com
intljs.rmtag.com
jp-tags.mediaforge.com
js-agent.newrelic.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
pm.w55c.net
pointtown.karakuri.ai
portal.blau.de
r.scoota.co
r.turn.com
s.dc-tag.jp
s.tribalfusion.com
s0.2mdn.net
s79.mxcdn.net
s79.research.de.com
securepubads.g.doubleclick.net
stat.meetrics.net
sync.adaptv.advertising.com
sync.mathtag.com
t.dc-tag.jp
tags.rd.linksynergy.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
ut.rd.linksynergy.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.pointtown.com
x.bidswitch.net
13.251.209.234
13.32.21.201
13.32.29.123
13.32.29.46
136.243.12.210
136.243.13.222
142.250.181.226
142.250.184.194
142.250.185.130
142.250.185.226
143.204.209.38
143.204.209.90
144.76.202.54
151.101.130.137
162.247.243.147
163.171.132.119
172.104.64.149
18.141.68.152
18.193.90.196
185.29.134.248
193.0.160.129
2001:678:cb4:bbbb::11
23.218.208.133
23.218.208.246
2406:da14:9ab:eb00:a656:c6e4:eb32:a5a1
2600:9000:206f:3e00:1d:253d:9ac0:93a1
2600:9000:214f:f800:8:20a4:6400:93a1
2606:4700::6810:135e
2606:4700::6810:5614
2606:4700::6812:d05
2620:112:f002:bbbb::21
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7001
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:803::2001
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:812::200e
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.163.175
3.126.56.137
3.230.12.180
34.102.147.248
34.107.220.231
34.98.67.3
35.244.174.68
37.252.172.249
45.60.1.176
52.17.35.107
52.76.182.76
54.251.50.59
69.173.144.165
76.223.111.18
82.113.101.236
85.114.159.118
006298b3e558796bc647f15131e430d79ffffd61e01aca13c13d369cf172a1b5
02321369b2a5aeac14713a6b6bcc359d2ab9ca41cbad43a3c6d4d41997f02c94
03571f8dee609155fdacb1a46e1f5667472674de39f9c4070098c6f4a5da23e9
0401d2177016be36142e4ffb48989c6e1c899bf115b17dcfd919e1e8897f4122
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0b30ec4212b4d3ac0aa2a16c90cdc7b48712ca69efd1c3a1190be4ca00d82b97
0b4cc12ccd09adacbf7695b7ae68d146a6b9bfa7a2058dbd4e58f31c14ec5e7e
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0db80e4ae35fcf307507f9ced66fe9ccb3147c1ea12a60ea034092e6aa3ebf40
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11f2fe11ae37914ad125e4152860202887ba65de5bf7f065ff943abc69789242
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12843f4d1ccc85381bcadb732010be489c3c5675ac4aaff2532614c4c5c88bb2
1398f9b764e8dc4170c8d929fd94aaefd1fc2e1855efdc7774ddd8b43ae51894
13aa1cce312c556e10172c54bb121ffd99176003329083de808554d0ed8ef4d9
14b3f791ef7f9a7ee3f848cfa99c531f7996b4ee6836ce5094ef2a5e708c8702
15a526168ca29e497314618c7ae3662aa2bcbe155972f8f4d73e7d73fe175284
174efb8103abcffec1a21e6fe241f47b7593b4fcc719c0d09765bfad7fffc950
1c25140a095e7f3d55ac9a2ab4a5cfff3926a42239e9cbecc726ccabef1760d9
1c3d1be2831bd26e73aae329fff315aa163c9dd9eba845e76cd8e68e27c981cb
1cac729fe76b84bf44beaa675f20b892dd15bc3dfba874a5e82dc2f7489c1906
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
28a0e5132a5e6829077ed8e4b6d37c9c1687e753745818acd146f30adcd12cea
2bc2179dbcac09de834853fc91b815d3bea8112276b7b789f610078d399bcb47
2bc98b5956d216197013af35c909aa49d3aa7c26b48de9e9930eb4bd6b846391
2cff7ab03cb4e476b49ea05511c6cfcc71af6d5ed20d40e9b40ee31062149e77
326b994ec59c7334f52211fbd5aa909a36b98d1717cb798bfcd3af8d4cbdb6ca
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
35ecb1b0e7a294fe40ea80c66f29830388d9b08ba35561456fd9373499471dec
361284b75267c0ed3e3e954eb84d3984ff7c27118bc189e5fc47cd6aa88ab914
36dcf389b964b72596d70dd499749417f143a56d576aff13b492ce5dc77371b4
38ca85b8dd955cc4d082294f490f5b39603144d078bebba3cb93b64226914b52
3a90d7200a98b9cc9e351c6142d585c797f0fb61fdf087fe49e88ab2cb39bfd9
3b710dda00baf5f393f5a35e34fd928a9f29cc5f019ba019d2ce2f186afed5a8
3e63378e8ea523795d2190def7c478e834358c61e3dd43f306248000c6afb2ae
3faef3ab24f899e7da9b111647730472eba2f691ac3f81b6aafdbb8c64470bde
3ff0dd59e5073e63dbf7b6bd5d11242d1ff27e279be9a2c8026de54ac434b8c8
421ab9fa4c9a8a48bfbc0c95388c063f0f21a774d7b00afd01f1ae52d2b15452
45e8b9449153aea2920ff767445a139865144dbdd8fa42cda960070cc28cac5f
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
46c82dfba09257fc5dd841024136c59c14c403e4236e188e0f0000a05ceda0c2
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
47c1922a0a583d32b54d29bffbd4d3f85a69cb7614b9af8c231da41107c78aa2
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4994fa132832268cd7a1e300bbe5aaa06b1618d6a8394cd07af090119c35a3cf
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d30bebd4270ebaf8487d4a6acc781c259fa2d2b309085ad42a0ce10a744b295
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50bd86fc2714a7aade23d492f60cf427aad1e6cbfbaf7be521bdbdcb6c43015f
5120f35e394e169ac0839405dbd6e680163a4e02f060f5a6a833ebfacf35d966
51707b58bbec62b8ba51360216e55f57968674aafccd46f8642ff25fbb1c9310
51896cb4e932803b983cf59d85b20c705f42a891fa0c9c408e3cb267b5bb949c
5432199a50d8bea143e211af334fb0b20f4128216fae0ec1157d6dd20aee847c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54980d0ce1ab462210a69cea7a8f61f66d7baf954c2fba0dc4030a6b6e7cb36f
54c9b7b6cd393fbb59ca434ceb7af9c2a5ec2f8700e83ad6af48066c5b39dddf
581ee406dafb31a0ac624c7936b06794993ee4593f1d3d5793a6453a458e05a8
58b252082bedce82af7a5028a88dcedd9a41a5497348f3d87cd7242df04efbeb
5b8810ee64bade6fc49a6c0948f933337663c3df9526ed7e21694b728a15818e
5c09beee029ab0e5c6a32642fd1aca2c0f265d6dfe7802a5b828e4d22ba242e9
5c9fe2398f91980a3e7b018078f5b53336dbef9a73692580b06160dd0850a347
5d4378f2cdc0b3e1796b1fba88c50d3a0a49ceb637a5980fbb4f81ac6b155962
5f8e256e90f2d850f0af3ad460cdf5746c01802b703289222b99b11658f0775e
60c83cdb384e027b1776929cd1409dccb57b2dbfba2a66594f70cc3ca4931d48
60f0f055fc233f379cbcb4136087ea4d530b57731cce0d2998ae9ba45f6eae13
62de308ffefb46fdda35cfa1c43d63a4fa37d0585d181a87979841f5073ca9eb
63645b9300848dd291095cb7898b6b2ad97a18c2bd705d74ae85a8a7358f79ec
63f1cebd64cdea3b722ec40556c68e7aac14925468f6b21006ea23784f1eb06e
64867a684bebf5caaffd14701f09d1bbe11341f86535a9133c4f58059fef057e
65ec5e0481c4ceacde8c5e8fab9d5305fc68496b8c75d7d58fb0e91feaf7f598
66d16c2ab65c655306eabf93c30e4f5a39895bd3ef39fd7b6b1c0595a5ced3fe
66f8892c2fe89cbc5b8cb510e223ca7fa8fbe9e88b0fa43bf492ee73df82e5e9
67cf5c21bfc71ee46210832792237e4a6ccd99e5c7bc198b046a38c9167fd0ab
687bc481fd5afd95634e9419fa20ef4335c0a98f74ec1ba2e62fa0424ca340e6
69e6b0b3d50b4e464e3ecb55f50791824de80fd159e9400df81594c23f97bdca
6abf325c14b586988e2113fdf7a1817774672117eebb385727d6f080f1ff2133
6c7a3654d5f845144a36fcbdbd50f2fa3d6d71c78f5fad4e187f8ded460f5134
6d8aa408a8d204aeb607b29d7bc027d300b7120b9806e37eef3f2d4e701b98db
6ee2be9b7305fa653bdb5924791639f9203012594f21e3d040739c727b1d2c29
6f2e4fec40f1d5ec4df0f2e053446eea92bad12279ac0c7c0628de62bde89db8
6f741883eafc84067b80014e53fbfab2505aca4f7cf767b17404a291fffb79d4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7488d8d7b00d2e9f8bb00d8410094f4a06903d46280811cbf0cc9f6d8049712c
76dcfd5aef754bf42757fa996d626df30add716aefaa9f100fbf4f3a68367b41
7770fb287496ea4c36d2ac2f7ee6200008b73da0ec061c4d7e6d7a591df92fd5
7779892073647617575bf057109f3e9f1dca8fdfdf1a38a98e4d610e03b4ce9c
79b208a19742aa53a96b0902c3b88c3434687c4b2453842d82a50c7b4080417e
80311e1c7ee648e8b88655101e148e03a18e78c82a957495fc3827e8a810627f
81878d8106b8d4189a23d914a6a0c92f1a02cabe911c349f0521102e95338b37
86f914525550841ce75cf1f7c93cae973cc2288e4d5bbb9ba8faf291ca5b39bf
887082c7c55ef21e3fe12277e3df57c9abb8f4d98705e3a22a371c0a29cb60ba
8b64921997bfcfd4e9b15810b9107a3686e5daca86e15624744940090231d0c6
8dac7d60435176261e7ba763fae4212b7f53907b287a2307d5de147762ffe6c6
8e99ab7bc3c433795138b09e71a29e36853306303f5016b946e2a00333d26c66
8f397d4bc89f4ffacb1082386934665b0825d64c1864e4ca4895c1e28da6137f
9092d51e36d7ac45e785403e1c27f0635e10bec47c1b0e4a077832ca16640a72
91d7228068f0ba3d2385d75a84de02145b4ee8d90ff47c14e00d650a4507a55e
92426eb5437b357b9046670556ba89baa8384edcc8734f56b813745bdb9e1cc6
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
962a59e4144305a4dc3dbc341f78daba2cc339f90dbd1adc0248201f8a59066d
98bb1c2a6246790bd895feb3bc474f09daae152693c8c5086e28e56ac5f7b94d
98e6a500c643be161caeaa733cc390d13284e798fd3c6c42e1445d710fc4bcd2
9984228f3680e18f4ba77c01b6bd0ea7568e0b27a92e913a3be7c4bee7f66e8e
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9bfef52d4ef4cc6f06efcc7a8584987f607710b73b0464606ec66890f8605c06
9de66fc6de107331d90cb0d82cbf8cac5eeaca0c9321a0b2553942ddb3a57299
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0250bba6f453cf69c7ce667527d834b9c14917feb67722c0dd7219b6f772bde
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a3a7f026c820b65a76c6c5a283a64a3c5f9c3ab89ff8243f9e3ef457795ad9b6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a6ded06867453d17de2f280da971358c457e5b4490c0a5b6199c4f887b893a63
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab1bf04a1db025b6899895a089a4fd3fcd06c38bd39c015c6eb2e6dba4f3d5d8
ab9b371a0e64a356d81db16e65a208a1d63975b4fc549734c28fd936f17c1f55
adfbfed6e89b188ec9a6c5302b9aecd065b7d269f156606e2b0acbfb010557a4
af9c8d9f3b6d51cce9865aa2a24781f603857582ceb9d1ceeafcf3ae5c79b8b4
b02a3233f069f3f0ccfd31f2021073f91e74b438c7b69d201dd5c1719557f321
b05290089ca07dfafde613f9988a193a4cf0a0eeabc6a8ccd951a26924b3a1bb
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b15e42f0bb6955af7f4194d03413f1e7fbc2623f9a13c0452e4a38412086d500
b1f059b02e47977e7fececa9e051420a2f7426bfc68bf20b402e596e909def41
b2732f593e4de0876048948d71b5c75f140349eaed97c3d2b15a25fa74863058
b2dd1d6a2411500d1f8ce0c5f79c34d3a30a38331269301f1efc85c8c3a8507d
b3be43e9895d8534ef76aaa72ec0b25fb839658f9032595e99f823622fcb439b
b70d605149de85cfa97f786b1647e45720d97ec345028069905055b727d2c22e
ba7ad3820cc7327ed4365c6895d489bcb731857d9af08d7b1c144825379f54b3
ba85ff98bcc93beb0bb5c716df720cf3317f7e98c1a16e86e2ff4bcdd0ff4943
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb974e04e42ba2843f28402f78c6c877f10ad6fbdbe006598ac34998f9eb15aa
bcad36a72dbc1761ef55d73706876aef910405d11565b9598dc2fed877be339e
beccf0b1d2de9e9bd905ca3a5879e86aef630e99e6189c073a025ed9f7dcd6fc
c0c74832c7e402c092ccb3789dcd2407e52ea661c59c612d63d186c830c02200
c15ddad8ddf1d3fbefe596f610ccd48861370769456835c38134719da8eb9cec
c3b9f270b6d7efddcc5cc023806aadc5b299cdf5cc69f9fdf40037981d85ac5f
c4785de28130c31a872de32d771ad9b5d7f0eeb88418fdbb3b31c095ae78f52f
c4d8dbe77feb63e5a61bee0bead4e5f66e8fa6a927599bd1b74aced52467273c
c4e28f457f2dcddef9f1bf5b8aca5edc7ac8c0096d5dd54e5c73fc29e88dfea6
c9b4539b85a585ff1eccd9ccfba623af6d0ed0b55f0c52fcf2d9c51be690e87c
cb3d301ff7eda349f8f654f937d41ffc42df59a2e8deeebb2c7ee81bc497505a
cc285af9086c6728dad1d1dfd23e1db87c0db1fe761f894021d0d2d8d125f038
cc5b96d9c0c9e330adc0f383e242040e6c3e570cd084b4ce49b8e7dac77e6174
cdcfd2c4489c22333d330be4860a63ba699409dc36bde582df1c25603d69be26
cdffd128506955a2add72e28ef4f901c6866a47fd6a0e3bed1d08edf4a5be25b
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d14a380636db71f22c31116e6e27cffdf2ef947bc937b696c27b6ebb227b7717
d1763b6b8c0c257b50eb8d68290cd3093b2765e0c2a3497319e5d0f646ad407d
d185ec7e5054dc2168ae473b271db7003399f752afd29ba43b0822f88cd201f1
d1f83068bd8f765019b3d89d8932c48f49da004394e40f8bef20acc2852e7db7
d1fb3ca8b805d24844e7743e77f859ec10bae88ba9fafa3fca79f82ef018a7e3
d2aca5bef3584995bd72287db06d8ee313b6e44e10b2555d18c74da063a6ccfd
d44d620eea3ff8eeb60c5328ecbc5b00ee6a37e5354184e71120fb7cdc64b3e0
d4fca7924f9afa97353d74e7830ace05ae30cdf0953996e7f33bc3d9cb9ae8b1
d6efd723a3dfa7d6e940db90915ee1516df1c4e153aae58603f3f7002588ea11
d7a5efe1f86d122083972a7a68f6561d10e52de4d7c45ebeddecead6026b6b94
da263eff6489f28a35d328a1a5895db9adb14c22c40cd35d0afce85414cac701
dac715f087720dd7ff7067f5d2ec1988851fa93140ae8a9cbfaa15659dd7fd82
db83548dd43bbdff1b37e57475a1b45f329694ddf46dfa7eb3f99b1c5b565838
dcf3eacec7fc794cd0ce5a8c0b4c84fb1260a077cdb3ade36524f393a3f11709
de1e399b07289f3b0a8d35142e363e128124a1185770e214e25e58030dad48e5
de8b6c1956087b0732071bebf76481a37f38becb52d5f9badb607e98f4592a49
e1039b942a52729c7bd4fe9427a4f8a86816142ef90dd2be9b6ffcd353145a02
e38a0edbb2ac3e6f0e89ad9b3e3f335108374948ae2af741a07df164985fbef1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e46eb58f99814c32c849b97a268129ddb14ca88e9070964ee75a2cd987c66839
e4b1e0ff6673068c8a4706809a7a279c023e57be88900bf71fdcab202b8f03f8
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e65040e803e2cc6f1129690f05e138227209f28538bf3732fd3fb362d91d00f4
e65077b9f98ed3432e0878f87dbfdd4358108111dcc6ec44ddefe19d1c85c0e6
e6c7a911b2262af474cb07fc64861a1fca560c349f579267602793a29def7e7f
e96cb07afdac92a8c77fbd5b9bb721e548070f4657f4f1e71329d2fd9032be47
e9b62726c16a24a6c96dfdf09813ae3f6d676bec3d70d8665035e138711e4d91
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efa5ec86d21c989441e57935ee71e14fd4da584a43a6dbe3b28e7933778dcdfb
f017e2bdbd49874f1f43cdbc6de927af1eeec6effbc40ad6a546a2b6e0bfb9e1
f3c2f272b4bb3a71409dd7ef400c15e01c560fd1966220bad4cfab3487986ca6
f48741cbb963ac52af710cabc65acee72eadefe44f08e4b47a25a675ac09992d
f4a4d6c34e73e515d199f3bd0642480dcbb80e7729c64a570ada6bb9b99d0153
f516a560000c906018a6737651cd718cbda8195c27ba4a077e9281c11b27f518
f57c4c7b33cfd3604dc84f037609639b1e2e7c382d35c162bf7c18f58a7c357d
f581f10bf67688ccbc6b363399b9e01c660ce0e893bf3a60f03abc18baccde8e
f84dbe57dce4bab6795eeed7df3ee945dce10862c4b321b8b72bec73a8a18bec
f89afa533ee24b3e3e335bc5c0660e1c89d95e0fa11beca8da9fc8862a221ef4
fa1c7f990a736f10a8c16d2823c88a5f0c46e355b1ea630a33fc3ea157d4e0d4
fce6b96478e2ba0bf5ba721a979bad117db6317a23a5c4edd889049f01cb426c
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe50cdc595b48e11bfb0ed60a43455f226be0ece34e41d25183ccdbbd9e11658

www.pointtown.com Open in urlscan Pro 45.60.1.176 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

250 Requests

100 %HTTPS

37 %IPv6

48 Domains

68 Subdomains

54 IPs

6 Countries

3401 kBTransfer

6535 kBSize

60 Cookies

85 Outgoing links

Redirected requests

250 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pointtown.com Open in urlscan Pro
45.60.1.176 Public Scan

Screenshot
Live screenshot

Full Image

250
Requests

100 %
HTTPS

37 %
IPv6

48
Domains

68
Subdomains

54
IPs

6
Countries

3401 kB
Transfer

6535 kB
Size

60
Cookies

250 HTTP transactions
2 data transactions