urlscan.io logo urlscan.io
SecurityTrails logo

yehapost.com Open in urlscan Pro
107.180.55.16  Public Scan

Go To Rescan Add Verdict Report
URL: https://yehapost.com/
Submission: On December 23 via automatic, source certstream-suspicious — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 26 IPs in 4 countries across 16 domains to perform 90 HTTP transactions. The main IP is 107.180.55.16, located in Ashburn, United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is yehapost.com.
TLS certificate: Issued by R3 on May 5th 2021. Valid for: 3 months.
This is the only time yehapost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
24 107.180.55.16 26496 (AS-26496-...)
8 2a00:1450:400... 15169 (GOOGLE)
1 2 52.29.135.143 16509 (AMAZON-02)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
2 2a03:2880:f02... 32934 (FACEBOOK)
8 2a00:1450:400... 15169 (GOOGLE)
2 52.29.90.161 16509 (AMAZON-02)
2 52.29.136.90 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:221... 16509 (AMAZON-02)
1 2a02:2638::2 44788 (ASN-CRITE...)
1 2a02:2638::b 44788 (ASN-CRITE...)
5 2a00:1450:400... 15169 (GOOGLE)
9 2a02:2638:1::3 44788 (ASN-CRITE...)
1 178.250.0.160 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
9 2a02:2638:1::8 44788 (ASN-CRITE...)
2 2a02:2638:1::17 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
90 26
24    107.180.55.16 (Ashburn, United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: 16.55.180.107.host.secureserver.net
yehapost.com
8    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    52.29.135.143 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-135-143.eu-central-1.compute.amazonaws.com
seersco.com
cmp.seersco.com
1    2606:4700::6812:bcf (United States)

ASN13335 (CLOUDFLARENET, US)
maxcdn.bootstrapcdn.com
1    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
1    2600:9000:2057:fa00:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
ws.sharethis.com
2    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
8    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
2    52.29.90.161 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-90-161.eu-central-1.compute.amazonaws.com
cdn-auth.seersco.com
2    52.29.136.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-29-136-90.eu-central-1.compute.amazonaws.com
l.sharethis.com
2    2a00:1450:400d:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
partner.googleadservices.com
1    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
2    2600:9000:221b:0:2:de67:3280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.seersco.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
1    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
5    2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
9    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    2a02:2638:1::8 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
pix.eu.criteo.net
2    2a02:2638:1::17 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
24 yehapost.com
yehapost.com
212 KB
20 criteo.net
static.criteo.net — Cisco Umbrella Rank: 637
pix.eu.criteo.net — Cisco Umbrella Rank: 7930
csm.eu.criteo.net — Cisco Umbrella Rank: 8005
331 KB
13 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 101
tpc.googlesyndication.com — Cisco Umbrella Rank: 139
264 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
23 KB
6 seersco.com
seersco.com — Cisco Umbrella Rank: 350002
cmp.seersco.com
cdn-auth.seersco.com — Cisco Umbrella Rank: 762033
cdn.seersco.com — Cisco Umbrella Rank: 410687
84 KB
3 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14173
ads.eu.criteo.com — Cisco Umbrella Rank: 7675
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9611
47 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 72
www.google.com — Cisco Umbrella Rank: 2
2 KB
3 sharethis.com
ws.sharethis.com — Cisco Umbrella Rank: 8871
l.sharethis.com — Cisco Umbrella Rank: 4708
9 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8549
914 B
2 gstatic.com
fonts.gstatic.com
79 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 149
87 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 37
ajax.googleapis.com — Cisco Umbrella Rank: 304
85 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 211
5 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 188
47 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 830
695 B
1 bootstrapcdn.com
maxcdn.bootstrapcdn.com — Cisco Umbrella Rank: 757
6 KB
90 16
Domain Requested by
24 yehapost.com yehapost.com
9 pix.eu.criteo.net ads.eu.criteo.com
9 static.criteo.net ads.eu.criteo.com
8 pagead2.googlesyndication.com yehapost.com
pagead2.googlesyndication.com
www.googletagservices.com
tpc.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
yehapost.com
5 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
2 csm.eu.criteo.net ads.eu.criteo.com
2 cdn.seersco.com seersco.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 fonts.gstatic.com fonts.googleapis.com
2 l.sharethis.com ws.sharethis.com
yehapost.com
2 cdn-auth.seersco.com seersco.com
2 connect.facebook.net yehapost.com
connect.facebook.net
1 www.google.com tpc.googlesyndication.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.fr.eu.criteo.com ads.eu.criteo.com
1 www.googletagservices.com googleads.g.doubleclick.net
1 ads.eu.criteo.com googleads.g.doubleclick.net
1 rtb.fr.eu.criteo.com yehapost.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ws.sharethis.com yehapost.com
1 ajax.googleapis.com yehapost.com
1 fonts.googleapis.com yehapost.com
1 maxcdn.bootstrapcdn.com yehapost.com
1 cmp.seersco.com yehapost.com
1 seersco.com 1 redirects
90 27

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.linkedin.com
seersco.com
Subject Issuer Validity Valid
yehapost.com
R3		 2021-05-05 -
2021-08-03		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-01-29 -
2023-01-29		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sharethis.com
Amazon		 2022-06-19 -
2023-07-18		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2022-10-02 -
2022-12-31		 3 months crt.sh
*.seersco.com
Amazon		 2022-10-11 -
2023-11-10		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-07 -
2023-03-12		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-22 -
2023-03-26		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-08 -
2023-02-04		 3 months crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-11-01 -
2023-02-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh

This page contains 10 frames:

Primary Page: https://yehapost.com/
Frame ID: BC15627124B7F089C2E9EEF6C2C1009D
Requests: 49 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Frame ID: 77427CEC1DBE43CEDEF6D6FC298AAC94
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2812497099875904&output=html&adk=1812271804&adf=3025194257&lmt=1671817836&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x945_r&tp=site_kit&format=0x0&url=https%3A%2F%2Fyehapost.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671817836707&bpp=5&bdt=650&idt=51&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8479715701122&frm=20&pv=2&ga_vid=1252710638.1671817837&ga_sid=1671817837&ga_hid=1784971943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44778780%2C31071276%2C44780792&oid=2&pvsid=647202426158716&tmod=1498203179&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=74
Frame ID: 4923932F9CD59EF6DA11C5CFE47FBE0E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2812497099875904&output=html&h=280&slotname=3257629632&adk=1901316995&adf=1739762991&pi=t.ma~as.3257629632&w=848&fwrn=4&fwrnh=100&lmt=1671817836&rafmt=1&tp=site_kit&format=848x280&url=https%3A%2F%2Fyehapost.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671817836729&bpp=9&bdt=672&idt=61&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8479715701122&frm=20&pv=1&ga_vid=1252710638.1671817837&ga_sid=1671817837&ga_hid=1784971943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=818&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44778780%2C31071276%2C44780792&oid=2&pvsid=647202426158716&tmod=1498203179&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2MSF5YMdSe&p=https%3A//yehapost.com&dtd=66
Frame ID: 55A34DF4F3064653C28AB7A667C6CC63
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2812497099875904&output=html&h=280&slotname=3257629632&adk=3082843284&adf=851714739&pi=t.ma~as.3257629632&w=848&fwrn=4&fwrnh=100&lmt=1671817836&rafmt=1&tp=site_kit&format=848x280&url=https%3A%2F%2Fyehapost.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671817836746&bpp=1&bdt=689&idt=67&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=1&correlator=8479715701122&frm=20&pv=1&ga_vid=1252710638.1671817837&ga_sid=1671817837&ga_hid=1784971943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44778780%2C31071276%2C44780792&oid=2&pvsid=647202426158716&tmod=1498203179&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GS36ipk1P4&p=https%3A//yehapost.com&dtd=69
Frame ID: 973982B79DA4806490B5AF2C6CCE0627
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2812497099875904&output=html&h=600&slotname=9322907746&adk=821674547&adf=3835709467&pi=t.ma~as.9322907746&w=263&fwrn=4&fwrnh=100&lmt=1671817836&rafmt=1&tp=site_kit&format=263x600&url=https%3A%2F%2Fyehapost.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671817836747&bpp=1&bdt=690&idt=72&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280&nras=1&correlator=8479715701122&frm=20&pv=1&ga_vid=1252710638.1671817837&ga_sid=1671817837&ga_hid=1784971943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44778780%2C31071276%2C44780792&oid=2&pvsid=647202426158716&tmod=1498203179&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=k415sF6yT3&p=https%3A//yehapost.com&dtd=74
Frame ID: 357449EEC9DAD92EEC7177472ED5CC15
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Frame ID: 92FA9C1CECD06B6D19A1C1EEED87263C
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Frame ID: 8095445E194A34F77CD158041E5BDDAA
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FC7A1B64FFF7B935FC2431560D459D46
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7CDC2730B1EAA623CC06994F5EC383C2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

HOME - YEHA POST Close

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • seersco.com/script/cb\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

90
Requests

72 %
HTTPS

80 %
IPv6

16
Domains

27
Subdomains

26
IPs

4
Countries

1283 kB
Transfer

2756 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://seersco.com/script/cb.js HTTP 301
  • https://cmp.seersco.com/script/cb.js

90 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
yehapost.com/ 		25 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache / PHP/7.2.34
Resource Hash
5a9671638cb9686461c833506b6f3dbbaf41cf84b012eec4add3eef7ac6c962f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-length
6345
content-type
text/html; charset=UTF-8
date
Fri, 23 Dec 2022 17:50:35 GMT
link
<https://yehapost.com/wp-json/>; rel="https://api.w.org/", <https://yehapost.com/wp-json/wp/v2/pages/125>; rel="alternate"; type="application/json", <https://yehapost.com/>; rel=shortlink
server
Apache
vary
Accept-Encoding
x-powered-by
PHP/7.2.34
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
005ed406125da4d8dc754e09115cb462bac77964d70ae824757288f008f8adc3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
49519
x-xss-protection
0
server
cafe
etag
10768188911989165609
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 17:50:36 GMT
cb.js
cmp.seersco.com/script/
Redirect Chain
  • https://seersco.com/script/cb.js
  • https://cmp.seersco.com/script/cb.js
11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.seersco.com/script/cb.js
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Server
52.29.135.143 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-135-143.eu-central-1.compute.amazonaws.com
Software
Apache/2.4.53 () OpenSSL/1.0.2k-fips PHP/8.0.16 / PHP/8.0.16
Resource Hash
540de2d34a45628a8f78145f52e384bde6806241ab2a5c13f81b894ff958b84b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
gzip
server
Apache/2.4.53 () OpenSSL/1.0.2k-fips PHP/8.0.16
x-powered-by
PHP/8.0.16
vary
Accept-Encoding
access-control-allow-methods
PUT, GET, POST, DELETE, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
accept
application/json
cache-control
no-cache, private, max-age=2592000
access-control-allow-headers
X-Requested-With
expires
Sun, 22 Jan 2023 17:50:36 GMT

Redirect headers

location
https://cmp.seersco.com/script/cb.js
date
Fri, 23 Dec 2022 17:50:36 GMT
server
Apache/2.4.53 () OpenSSL/1.0.2k-fips PHP/8.0.16
content-length
244
content-type
text/html; charset=iso-8859-1
style.min.css
yehapost.com/wp-includes/css/dist/block-library/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Wed, 17 Feb 2021 14:16:26 GMT
server
Apache
etag
"2260abd-c88a-5bb88dd484280-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7419
theme.min.css
yehapost.com/wp-includes/css/dist/block-library/ 		2 KB
727 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-includes/css/dist/block-library/theme.min.css?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Tue, 13 Oct 2020 13:10:30 GMT
server
Apache
etag
"2260abc-8f9-5b18d23a3dd80-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
646
wpautoterms.css
yehapost.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/ 		547 B
222 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/css/wpautoterms.css?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 12:18:22 GMT
server
Apache
etag
"22417ed-223-5bd2da9b5edf5-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
142
cookie-style.css
yehapost.com/wp-content/plugins/seers-cookie-consent-banner-privacy-policy/css/ 		22 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/plugins/seers-cookie-consent-banner-privacy-policy/css/cookie-style.css?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
6a74f9c8b17fc9f9df69e30b8800410e4f1b58bd0c7f4b1659a10f356723a7d8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Thu, 28 Jan 2021 12:26:53 GMT
server
Apache
etag
"2220fe4-5919-5b9f500b3c9ce-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
3788
popup.css
yehapost.com/wp-content/plugins/seers-cookie-consent-banner-privacy-policy/css/ 		4 KB
1001 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/plugins/seers-cookie-consent-banner-privacy-policy/css/popup.css?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
2c203a6733a25a4d2bb3bf2c1cc3a31c793cc3cc18b11a7c9201f6b4cb3b569a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Thu, 28 Jan 2021 12:26:53 GMT
server
Apache
etag
"2220fe3-107d-5b9f500b3b646-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
884
font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://maxcdn.bootstrapcdn.com/font-awesome/4.3.0/css/font-awesome.min.css?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:bcf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
cdn-edgestorageid
860
age
5770689
cdn-cachedat
08/25/2022 04:42:40
cdn-pullzone
252412
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 25 Jan 2021 22:04:54 GMT
cdn-proxyver
1.02
cdn-requestpullcode
200
server
cloudflare
etag
W/"04425bbdc6243fc6e54bf8984fe50330"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
b1941f61-b576-4f40-80de-5677acb38f74
cache-control
public, max-age=31919000
cdn-requestid
071138870ab3b1bf8f9397dd38a64243
timing-allow-origin
*
cdn-requestcountrycode
DE
cdn-status
200
cf-ray
77e2f0c3ca8c9c0d-FRA
cdn-requestpullsuccess
True
font-awesome.min.css
yehapost.com/wp-content/themes/education-hub-pro/third-party/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/themes/education-hub-pro/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 14:49:23 GMT
server
Apache
etag
"2220b06-7918-5b8f17a640434-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
6663
css
fonts.googleapis.com/ 		28 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Merriweather+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600%7COpen+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600&subset=latin%2Clatin-ext
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ae0ff1da916608a628467eb58f09b4a0375e2f395b15c6baed836b3b1e4e9a7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 17:40:40 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 23 Dec 2022 17:50:36 GMT
style.css
yehapost.com/wp-content/themes/education-hub-pro/ 		86 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/themes/education-hub-pro/style.css?ver=3.4
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
b1c45cf6f3db747573e74bfa51d51fdd3296bf7b34e800e6622c149f69a3ddde

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 14:49:23 GMT
server
Apache
etag
"2220a0b-1577b-5b8f17a62cf9c-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
14403
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/2.1.1/ 		82 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/2.1.1/jquery.min.js?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 04:21:19 GMT
x-content-type-options
nosniff
age
394157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
84245
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 04:21:19 GMT
jquery.min.js
yehapost.com/wp-includes/js/jquery/ 		87 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Wed, 07 Oct 2020 16:33:25 GMT
server
Apache
etag
"2260e74-15d98-5b11746475f40-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
30314
jquery-migrate.min.js
yehapost.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Thu, 19 Nov 2020 09:31:13 GMT
server
Apache
etag
"2260e6c-2bd8-5b472638cda40-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3998
wp-polyfill.min.js
yehapost.com/wp-includes/js/dist/vendor/ 		97 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Mon, 29 Jun 2020 11:50:29 GMT
server
Apache
etag
"2260d61-183ee-5a937aa4cab40-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
32644
dom-ready.min.js
yehapost.com/wp-includes/js/dist/ 		1 KB
626 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-includes/js/dist/dom-ready.min.js?ver=93db39f6fe07a70cb9217310bec0a531
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Wed, 08 Sep 2021 21:13:23 GMT
server
Apache
etag
"2260db6-4c9-5cb825a3282c0-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
545
base.js
yehapost.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/ 		481 B
280 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/plugins/auto-terms-of-service-and-privacy-policy/js/base.js?ver=2.4.4
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
76aba5d4e5db7eb218d6a1378af48dcc252d19e159d7340681b8b723b32d403a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Wed, 10 Mar 2021 12:18:21 GMT
server
Apache
etag
"2241620-1e1-5bd2da9aee52a-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
201
st_insights.js
ws.sharethis.com/button/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fa00:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
a0dc45b07153920d06e669676d8d6a7592971683f1381aefc5c95b83dd62a2bf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 23:21:33 GMT
content-encoding
gzip
via
1.1 a0a81637cc76d6981e4e29044a73b7f6.cloudfront.net (CloudFront)
strict-transport-security
max-age=31536000; includeSubDomains
x-amz-cf-pop
FRA6-C1
age
239348
x-cache
Hit from cloudfront
content-length
7903
server
nginx/1.20.1
etag
W/"634f185a-6a64"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=259200
x-robots-tag
noindex, nofollow
x-amz-cf-id
rbBUjUIkC0QN7uLqABZ8mG4wxz5Mt2Bf8iL5bp8chZMrGUf7danMxw==
expires
Fri, 23 Dec 2022 23:21:28 GMT
ssba.css
yehapost.com/wp-content/plugins/simple-share-buttons-adder/css/ 		122 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/plugins/simple-share-buttons-adder/css/ssba.css?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Sat, 16 Jan 2021 00:45:57 GMT
server
Apache
etag
"2220cb2-1e76e-5b8f9cfe541b6-br"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
8963
ssba.js
yehapost.com/wp-content/plugins/simple-share-buttons-adder/js/ 		2 KB
825 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/plugins/simple-share-buttons-adder/js/ssba.js?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Sat, 16 Jan 2021 00:45:57 GMT
server
Apache
etag
"2220bfc-792-5b8f9cfe14a14-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
767
skip-link-focus-fix.min.js
yehapost.com/wp-content/themes/education-hub-pro/js/ 		557 B
293 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/themes/education-hub-pro/js/skip-link-focus-fix.min.js?ver=20130115
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
818266fe4b7bbf0fe187b6190933c99af05829f70c2d6023acab03f8af5a59b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 14:49:23 GMT
server
Apache
etag
"2220a05-22d-5b8f17a628564-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
235
jquery.cycle2.min.js
yehapost.com/wp-content/themes/education-hub-pro/third-party/cycle2/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/themes/education-hub-pro/third-party/cycle2/js/jquery.cycle2.min.js?ver=2.1.6
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 14:49:23 GMT
server
Apache
etag
"2220a1a-599c-5b8f17a635084-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
6852
jquery.easy-ticker.min.js
yehapost.com/wp-content/themes/education-hub-pro/third-party/ticker/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/themes/education-hub-pro/third-party/ticker/jquery.easy-ticker.min.js?ver=2.0
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
e708fe12174d8be13093cdb95f27dbb23e1c1f5ecf15cf06d18af852679acee7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 14:49:23 GMT
server
Apache
etag
"2220b08-afa-5b8f17a642374-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1060
custom.min.js
yehapost.com/wp-content/themes/education-hub-pro/js/ 		1 KB
489 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/themes/education-hub-pro/js/custom.min.js?ver=1.0
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
2d077bde54e3c26d91b3e038826047a10838e9efa98de53a695b6ec3986cf01f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 14:49:23 GMT
server
Apache
etag
"2220a07-406-5b8f17a6298ec-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
432
navigation.min.js
yehapost.com/wp-content/themes/education-hub-pro/js/ 		3 KB
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/themes/education-hub-pro/js/navigation.min.js?ver=20160421
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
e913b48388a5b5c5cf0c2bc55f9afb576053a80ac4aa7d9efbfa53d5b977344d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 14:49:23 GMT
server
Apache
etag
"2220a02-dc3-5b8f17a625684-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
955
wp-embed.min.js
yehapost.com/wp-includes/js/ 		1 KB
744 B 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-includes/js/wp-embed.min.js?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Tue, 26 Jan 2021 15:18:33 GMT
server
Apache
etag
"2260e50-592-5b9cf2aeb8440-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
663
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0b5f75f14e21dcfc6c0892a6e9bd4f8660d05a54546397efcf4d2464a1be5764
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 17:50:36 GMT
content-md5
Fv9AQB0tNFgxbW63qkGbkw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1689
x-fb-rlafr
0
x-fb-debug
/nd/Gyf2TI7aNaiw6snWsthhW6CY6JGElSQXmTZsLzFnebWt4BgvCczskW9uoZr3uTgyDxsCF223WEfk/WGPCw==
x-fb-trip-id
917726464
x-fb-content-md5
f38c5a8803fb885fba76a93d19db5113
cross-origin-opener-policy
same-origin-allow-popups
etag
"be78de7023b5fbff78526eff75ee2e9e"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin
*
priority
u=3,i
expires
Fri, 23 Dec 2022 18:03:57 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 		355 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ab92107ff94aa39eee2d67a4279651ba581fcdc084fec59bfe6ee3dbc8bf5543
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
119791
x-xss-protection
0
server
cafe
etag
1909029628966522960
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 17:50:36 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/ Frame 7742 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yehapost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
1592
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:24:04 GMT
etag
10353107486223812946
expires
Fri, 06 Jan 2023 17:24:04 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
sdk.js
connect.facebook.net/en_US/ 		301 KB
85 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=24e71686a165f463a4d5d9123a510539
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
73c4c6c7cd953ecbcf34ff0d04653304e9018a42e92feac7a894697860c24560
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://yehapost.com/
Origin
https://yehapost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 23 Dec 2022 17:50:36 GMT
content-md5
MUAzHqbVQ49XeIvLtVvbtA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87016
x-fb-rlafr
0
x-fb-debug
vTxafyUhxr3AfGSAFpmDQekZHREDjsSd3gQoJ+JPI3JnUtSbSxQYt4mVIjnu0D+CY95SqJkSsNlGlOMAdxidmA==
x-fb-content-md5
9cd831ff7e9d171936fa100e02c51175
cross-origin-opener-policy
same-origin-allow-popups
etag
"86daebd013aee8bc285c7c0be61fc652"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin
*
priority
u=3,i
expires
Sat, 23 Dec 2023 16:58:10 GMT
$2y$10$wenYCTyJnxGlbDyNcT.Pp.1IUkE12OR1zYzGZuaqvLu.1VTtgxDy
cdn-auth.seersco.com/ 		60 B
298 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn-auth.seersco.com/$2y$10$wenYCTyJnxGlbDyNcT.Pp.1IUkE12OR1zYzGZuaqvLu.1VTtgxDy
Requested by
Host: seersco.com
URL: https://seersco.com/script/cb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.90.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-90-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2c63f24e9046a9a37cf49e776d61b208049836d8f0ebe84de5d16d2f325e6b9a

Request headers

accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Access-Control-Max-Age
0
Access-Control-Allow-Methods
*
Content-Type
text/plain
Access-Control-Allow-Origin
*
Referer
https://yehapost.com/
Access-Control-Allow-Headers
*

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
x-amzn-trace-id
Root=1-63a5ea6c-346abc9544caf1832c6bd8b5;Sampled=0
x-amzn-requestid
552866cc-4f50-42be-bd1e-8fc7ac34a25b
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
x-amz-apigw-id
dnGRCEGPFiAFiuA=
content-length
60
$2y$10$wenYCTyJnxGlbDyNcT.Pp.1IUkE12OR1zYzGZuaqvLu.1VTtgxDy
cdn-auth.seersco.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://cdn-auth.seersco.com/$2y$10$wenYCTyJnxGlbDyNcT.Pp.1IUkE12OR1zYzGZuaqvLu.1VTtgxDy
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.90.161 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-90-161.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-headers,access-control-allow-methods,access-control-allow-origin,access-control-max-age
Access-Control-Request-Method
GET
Origin
https://yehapost.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
*
access-control-allow-methods
*
access-control-allow-origin
*
content-length
21
content-type
application/json
date
Fri, 23 Dec 2022 17:50:36 GMT
x-amz-apigw-id
dnGRBEV3liAFoaQ=
x-amzn-requestid
9722c130-b276-4af3-b5c7-3366afc70de7
x-amzn-trace-id
Root=1-63a5ea6c-3db4645d23d12aab6748c1f2;Sampled=0
wp-emoji-release.min.js
yehapost.com/wp-includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.10
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Tue, 26 Jan 2021 15:18:33 GMT
server
Apache
etag
"2260f0c-3795-5b9cf2aeb8440-br"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4323
pview
l.sharethis.com/ 		0
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1671817836705.42799&hostname=yehapost.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fyehapost.com%2F&title=HOME%20-%20YEHA%20POST&sop=false
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/st_insights.js?publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&product=simpleshare
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.136.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-136-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 17:50:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
https://yehapost.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600%7COpen+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yehapost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 19 Dec 2022 18:50:55 GMT
x-content-type-options
nosniff
age
341981
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 19 Dec 2023 18:50:55 GMT
2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
fonts.gstatic.com/s/merriweathersans/v22/ 		35 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/merriweathersans/v22/2-c99IRs1JiJN1FRAMjTN5zd9vgsFHX1QjU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Merriweather+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600%7COpen+Sans%3A300italic%2C400italic%2C600italic%2C700italic%2C300%2C400%2C600&subset=latin%2Clatin-ext
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://yehapost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 09:41:04 GMT
x-content-type-options
nosniff
age
115772
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35520
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:03:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 09:41:04 GMT
fontawesome-webfont.woff2
yehapost.com/wp-content/themes/education-hub-pro/third-party/font-awesome/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/themes/education-hub-pro/third-party/font-awesome/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: yehapost.com
URL: https://yehapost.com/wp-content/themes/education-hub-pro/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://yehapost.com/wp-content/themes/education-hub-pro/third-party/font-awesome/css/font-awesome.min.css?ver=4.7.0
Origin
https://yehapost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Fri, 15 Jan 2021 14:49:23 GMT
server
Apache
etag
"2220a23-12d68-5b8f17a63e10c-br"
vary
Accept-Encoding
content-type
font/woff2
accept-ranges
bytes
content-length
77165
ssbp.woff
yehapost.com/wp-content/plugins/simple-share-buttons-adder/fonts/ 		6 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://yehapost.com/wp-content/plugins/simple-share-buttons-adder/fonts/ssbp.woff?xj3ol1
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
107.180.55.16 Ashburn, United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
16.55.180.107.host.secureserver.net
Software
Apache /
Resource Hash
792e3ff9deae63a442b00d97bbca56fcad95444aae32f454650e801a56326999

Request headers

Referer
https://yehapost.com/
Origin
https://yehapost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
br
last-modified
Sat, 16 Jan 2021 00:45:57 GMT
server
Apache
etag
"2220bf4-1824-5b8f9cfe0d8cb-br"
vary
Accept-Encoding
content-type
font/woff
accept-ranges
bytes
content-length
4216
cookie.js
partner.googleadservices.com/gampad/ 		391 B
695 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=yehapost.com&callback=_gfp_s_&client=ca-pub-2812497099875904&gpid_exp=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fb0d5c0fec07a6b6252525159ed849a4a5297cf27c79f7e4fc7d8a162780b79f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
251
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yehapost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yehapost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 4923 		39 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2812497099875904&output=html&adk=1812271804&adf=3025194257&lmt=1671817836&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=212x675_l%7C212x945_r&tp=site_kit&format=0x0&url=https%3A%2F%2Fyehapost.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671817836707&bpp=5&bdt=650&idt=51&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8479715701122&frm=20&pv=2&ga_vid=1252710638.1671817837&ga_sid=1671817837&ga_hid=1784971943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44778780%2C31071276%2C44780792&oid=2&pvsid=647202426158716&tmod=1498203179&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=74
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9651731091cf1d827799baeb7b260b4f816a4cd6d2f3f0fbb1b449aee345ef68
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yehapost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
13819
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:50:37 GMT
expires
Fri, 23 Dec 2022 17:50:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 55A3 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2812497099875904&output=html&h=280&slotname=3257629632&adk=1901316995&adf=1739762991&pi=t.ma~as.3257629632&w=848&fwrn=4&fwrnh=100&lmt=1671817836&rafmt=1&tp=site_kit&format=848x280&url=https%3A%2F%2Fyehapost.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671817836729&bpp=9&bdt=672&idt=61&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8479715701122&frm=20&pv=1&ga_vid=1252710638.1671817837&ga_sid=1671817837&ga_hid=1784971943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=818&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44778780%2C31071276%2C44780792&oid=2&pvsid=647202426158716&tmod=1498203179&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=2MSF5YMdSe&p=https%3A//yehapost.com&dtd=66
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ad70328e1ac20c048df39885ec4326b649f5a799535e428adf183ced1a88acf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yehapost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:50:36 GMT
expires
Fri, 23 Dec 2022 17:50:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 9739 		436 B
236 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2812497099875904&output=html&h=280&slotname=3257629632&adk=3082843284&adf=851714739&pi=t.ma~as.3257629632&w=848&fwrn=4&fwrnh=100&lmt=1671817836&rafmt=1&tp=site_kit&format=848x280&url=https%3A%2F%2Fyehapost.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671817836746&bpp=1&bdt=689&idt=67&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280&nras=1&correlator=8479715701122&frm=20&pv=1&ga_vid=1252710638.1671817837&ga_sid=1671817837&ga_hid=1784971943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=230&ady=1147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44778780%2C31071276%2C44780792&oid=2&pvsid=647202426158716&tmod=1498203179&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=GS36ipk1P4&p=https%3A//yehapost.com&dtd=69
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
532abfe7207f8ee3fef0300b9401b2ab89339f44d06b26e34be73133b1f8ce9f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yehapost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
213
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:50:36 GMT
expires
Fri, 23 Dec 2022 17:50:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=st_insights.js&lang=en&sessionID=1671817836705.42799&hostname=yehapost.com&location=%2F&product=simpleshare&fcmp=false&fcmpv2=false&publisher=4d48b7c5-0ae3-43d4-bfbe-3ff8c17a8ae6&url=https%3A%2F%2Fyehapost.com%2F&title=HOME%20-%20YEHA%20POST&sop=false&img_pview=true
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.29.136.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-29-136-90.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Fri, 23 Dec 2022 17:50:36 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Max-Age
1728000
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
*
ads
googleads.g.doubleclick.net/pagead/ Frame 3574 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2812497099875904&output=html&h=600&slotname=9322907746&adk=821674547&adf=3835709467&pi=t.ma~as.9322907746&w=263&fwrn=4&fwrnh=100&lmt=1671817836&rafmt=1&tp=site_kit&format=263x600&url=https%3A%2F%2Fyehapost.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1671817836747&bpp=1&bdt=690&idt=72&shv=r20221207&mjsv=m202212070101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C848x280%2C848x280&nras=1&correlator=8479715701122&frm=20&pv=1&ga_vid=1252710638.1671817837&ga_sid=1671817837&ga_hid=1784971943&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1108&ady=801&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44778780%2C31071276%2C44780792&oid=2&pvsid=647202426158716&tmod=1498203179&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&fsb=1&xpc=k415sF6yT3&p=https%3A//yehapost.com&dtd=74
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b0deb3e12a22c0847ec4c0031f3bd096a12f18cd17be332ba316cca73d8d9ca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yehapost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:50:36 GMT
expires
Fri, 23 Dec 2022 17:50:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
free.min.css
cdn.seersco.com/banners/static/ 		20 KB
21 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.seersco.com/banners/static/free.min.css
Requested by
Host: seersco.com
URL: https://seersco.com/script/cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:0:2:de67:3280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44a5da9d7a51ffbd82daeaee05b74c3b59f5d3143c3df2a8bda60febe2d3c961

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:39 GMT
x-amz-version-id
8Pnrme0sK0HSVaDzrKI1Nvl8lwjAZy5L
via
1.1 c3ee9ebf51003f3e525b258d289d17cc.cloudfront.net (CloudFront)
last-modified
Fri, 23 Dec 2022 11:56:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
etag
"1e701dc3560e679112fedadda342034c"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
20845
x-amz-cf-id
qajJ5j89BJFpnh14dfQyUXRKXYWykhWAMTJ__L5UioV-Gd6cHtvD9A==
free.js
cdn.seersco.com/banners/static/ 		57 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.seersco.com/banners/static/free.js
Requested by
Host: seersco.com
URL: https://seersco.com/script/cb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:221b:0:2:de67:3280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
06fb2dbd2c4e4cfa09b3ccefd291fab7d57324e4a202e6e5dea935c079db5f5e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:39 GMT
x-amz-version-id
rrVhEf0xViMJ9.3nVXREw.inMIqxDNZb
via
1.1 c3ee9ebf51003f3e525b258d289d17cc.cloudfront.net (CloudFront)
last-modified
Fri, 23 Dec 2022 11:56:10 GMT
server
AmazonS3
x-amz-cf-pop
NRT57-P3
etag
"72f87fe83084c670663374c0e67fef0e"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html
accept-ranges
bytes
content-length
58256
x-amz-cf-id
mZB80gzYAl59hBJ4Uu6Dp0gWM9_5C8vl3p4waSSCH-pERHPNMSolyw==
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/ 		151 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/reactive_library_fy2021.js?bust=31071276
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e00a1c438c19128209b69d9f6a3271e8a6aa84178883fd27a983ea782dfbeb92
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52377
x-xss-protection
0
server
cafe
etag
1243023238407979640
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 23 Dec 2022 17:50:37 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=yehapost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=yehapost.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/ Frame 92FA 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yehapost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
85724
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
br
content-length
4242
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 22 Dec 2022 18:01:53 GMT
etag
10353107486223812946
expires
Thu, 05 Jan 2023 18:01:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 92FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C1CfpbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErAFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHLRxPYygyfI8DMc9KzWSdUkTSFzE8ib2_PXigUBaDFxk6mKE355ogAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0yODEyNDk3MDk5ODc1OTA0GAA&sigh=590aJEpQ420&uach_m=[UACH]&cid=CAQSGwDq26N9QqYhrlcvzrEEUMgnYvffHTu1C5UIFRgBIBM
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 23 Dec 2022 17:50:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 23 Dec 2022 17:50:37 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 92FA 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAA6R1h8tc7aLcQbOqlY9ij2oAJFjPfo4ArABIAAA&wp=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q
Requested by
Host: yehapost.com
URL: https://yehapost.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
280590
content-length
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame 8095 		145 KB
47 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
de93f7312513c259c27fa18e07b715fc2f7e7381ee622ac2d8c10779f1047a03
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:50:36 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=nKxHRr9Uhtgq6jRjI3yp9WEtzK-Y1NaUfaNMaz-6fF41kYMhkH_DTv8r2APBnCfGOfwqntgXAZ93MDoKQo9xcBNA_cVWSkTr1apPMfoNaSkQDJk9055aZTSYYpVZjyS1a4HDNq3ygAlSDlaJPlEk8O7yX4ezC-uO5Y9X_f1XMbqmqx_Y2gCxNLsENyfsaDvHT7Cnb2Ckam7CU97sKyvR3wxljUNpNtWRSyVPNFaq2vAfOS-HQbvV6mxNYNqhHPNDqRnxqg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
90285811
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 92FA 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:13:20 GMT
content-encoding
br
x-content-type-options
nosniff
age
2237
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 17:13:20 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 92FA 		18 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 12:33:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
19047
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7480
x-xss-protection
0
server
cafe
etag
15631949847000551034
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 06 Jan 2023 12:33:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 92FA 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 17:50:37 GMT
truncated
/ Frame 92FA 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
28a28353c7914128d5248c44ce7ec21d67e3fae72da2aaca7091c344cc7df6fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 8095 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:50:37 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 8095 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:50:37 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 8095 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 18 Dec 2023 17:50:37 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 8095 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 18 Dec 2023 17:50:37 GMT
lg.php
cat.fr.eu.criteo.com/delivery/ Frame 8095 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ieM5OHsnO68UYrYiDu2RaQt1qcyxB-X7OTA-Qz3MWu3Lr72258pC7vthPcHgE33gR6c1dg7myp9CKKg4ydyjwLGSN3GYiVv2D15ZUCn1gZKq2kpT0Uq7Rznc5Xku-SgojRBTLEY49hwsMEja68I680JSELhefHxI_Iijlb-YvzpxvrbSAHsfMtzJgsLY0wpOWZQPj-UQJWpIOj0OiPwj3ozmuGvAd-mz9gCmFTOvqaVzrzOk5wX5neE77fXV23rQ1MZHn_WSjJ5hPVH738gUYc-4utWfCzj8Ysq7vL77i2PfH4s69_9lI_6CJMRChwWdKHchzZFarWJ2ExcFu3ZmRq8a4hWXVTlac4S7RoXz4P5hXbJeWA70IWy_yeZW2OX9DGWIPqTk1YT4XSgaWSPOtYcXBlcePwE0laMgMMGpSO_xHSS-
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1985266
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 8095 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
36246
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ovUtW8zVEVn%2B1nmrk4snP%2Fvn151rPG1bkxPbUaFrMSc6Owli0N7yi4BDYlrtU9ZQeFeOKj0uzuruVC2WVHUfEq8rQXfwTSn5Zqo3zx7RhHvpnVhHB9zbvp4Uco0S7pZUbmOot3SnNZtEIslTdkgvyp%2BY"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
77e2f0cc9f1f2bf2-FRA
expires
Wed, 13 Dec 2023 17:50:37 GMT
0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 8095 		38 KB
38 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-97a8"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:50:37 GMT
ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 8095 		46 KB
46 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 02 Oct 2018 14:57:25 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5bb38755-b778"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:50:37 GMT
animejs.js
static.criteo.net/animejs/ Frame 8095 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:50:37 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2F8ee840d4a3ed46b29e29bc1b9545348c_stardardcon.png&v=3&w=464&s=pn-K28i7ygRKVst_wDWogFXa
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
c4e1d6dac257b1f10f34c13ef8ec41e9e0cd8133c8e947aef4d756e19213649c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=28635067
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
29187
expires
Mon, 20 Nov 2023 04:01:45 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		62 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F221121%2F71409a64baf248aca03b351b9195ce6d_img_horizontal_1.jpg&v=3&w=1200&s=m66f0H_H8Qfa9PszLewKKMhG
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=30975326
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
63762
expires
Sun, 17 Dec 2023 06:06:04 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19272218-R3G9MPOo.jpg&v=3&w=400&s=I-XBRwbLrlCyAE8I6h6R26ei&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
4fe525900c5cfb9788418f5884d8fea1515e01355b8ca5ee84a7090d52ecacc7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=358551
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6122
expires
Tue, 27 Dec 2022 21:26:29 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		354 B
618 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=jBnWN17oJ5tiMqvOBZjs9kr3
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30018467
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
354
expires
Wed, 06 Dec 2023 04:18:25 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1504098678%2F17225252-yiCPvQFr.jpg&v=3&w=400&s=abhZ5YG8_gNEzCK9shaQ0mHF&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
6a3ad3411fc41277e7480200cf777f0514450b4aa49065d7106969e2c8df8658
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=333555
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
19020
expires
Tue, 27 Dec 2022 14:29:53 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F17233874-mmSntGlv.jpg&v=3&w=400&s=SBQvaUBjSPB5_aYrk1MMNmDG&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
645060cc20b7e4ea8e7f4c26d9a97e78cbfc311756ff0faf3bf4b3210153d3f5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=332679
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
10106
expires
Tue, 27 Dec 2022 14:15:17 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		44 KB
44 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1660725344%2F22187438-yN7SaS7E.jpg&v=3&w=400&s=5N5aC-aCm0HUVwpJzKqvlfRd&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
265c0171de2f765109c93882c8ff3e8b6644af2c4bf9aa5c276cd4eaad74fe14
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=57836
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
44548
expires
Sat, 24 Dec 2022 09:54:34 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544801733%2F18355351-xrjzzaX5.jpg&v=3&w=400&s=xxTtJDu366ggaqA0y5_L4MJf&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
5580b638751049cd8916552ceb80804f16e8ce15f18facde698f8675c3aca01f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=336700
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
6062
expires
Tue, 27 Dec 2022 15:22:18 GMT
img
pix.eu.criteo.net/img/ Frame 8095 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1655879656%2F22134922-6qPEgbpu.jpg&v=3&w=400&s=TMkdRd3iJF6iRKZRXkyx16vW&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::8 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
1e9ae873a42100a88f0b0baca9ab716f2789629f387e7276cc6fe48ba7c6b403
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=487352
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
58370
expires
Thu, 29 Dec 2022 09:13:10 GMT
all
csm.eu.criteo.net/ Frame 8095 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=nKxHRr9Uhtgq6jRjI3yp9WEtzK-Y1NaUfaNMaz-6fF41kYMhkH_DTv8r2APBnCfGOfwqntgXAZ93MDoKQo9xcBNA_cVWSkTr1apPMfoNaSkQDJk9055aZTSYYpVZjyS1a4HDNq3ygAlSDlaJPlEk8O7yX4ezC-uO5Y9X_f1XMbqmqx_Y2gCxNLsENyfsaDvHT7Cnb2Ckam7CU97sKyvR3wxljUNpNtWRSyVPNFaq2vAfOS-HQbvV6mxNYNqhHPNDqRnxqg&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 23 Dec 2022 17:50:37 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 8095 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:50:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 8095 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 18 Dec 2023 17:50:37 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 92FA 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTBVH3fMZhv4__tvyCrIiwQAWd9vqmBFLiBDp_mwQLT5namPqLkLHDSds33FPHLWwIrc_kPtRzAak-aK45kwoQ1dU&sig=Cg0ArKJSzHNi532ceo89EAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=85,768,1001,1119,1203&tos=85,683,233,118,84&v=20221207&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1671817837179&rpt=174&met=ie&wmsd=0&pbe=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 23 Dec 2022 17:50:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 8095 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=nKxHRr9Uhtgq6jRjI3yp9WEtzK-Y1NaUfaNMaz-6fF41kYMhkH_DTv8r2APBnCfGOfwqntgXAZ93MDoKQo9xcBNA_cVWSkTr1apPMfoNaSkQDJk9055aZTSYYpVZjyS1a4HDNq3ygAlSDlaJPlEk8O7yX4ezC-uO5Y9X_f1XMbqmqx_Y2gCxNLsENyfsaDvHT7Cnb2Ckam7CU97sKyvR3wxljUNpNtWRSyVPNFaq2vAfOS-HQbvV6mxNYNqhHPNDqRnxqg&sds=2&rev=83933&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y6XqbAANKWwKGLWLAAEsi1-P1TXNfesg2z8H7Q&u=%7CE2pqsUtXThXrYiHzTjQuNQl4jppMwxI94l%2BDB5T5hCg%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAxA_akc3XvLc0LooaVmkml_9UK-UtSG4EOQdltXy5yS0Ymz2t8EAi38lGdzKsei6o5LC1TOCrKLyiHSfvwNM-7JlQfaMFRNvEgqMkLYIfEnKSn0r9Opa-R_fRyCME-yQxBKwjiB3B28s_hJ-SPzi3KY3kAmXwKWN5oGXO40TkEBS2Z0dUB3ld8OJMZ0hkFGKo5lBbJcuYJNShj6jWDuu3-PBulxJ-5e6RDFYtlSKgDoX_N94rlJwb9nD-PNM-9VHKKfaUPVy-XoD0zPdFmWcyO3jL-nL5FbBl8NY74KaE2JdHOqKGYI1uV4hVYMZjsjtJOus-XGs13VJanLMCI9XjVx863K9ccS0_V8ZW3dkA8vcLweF4xQ89MIH3qSFRM9osGGczppKp58tPgLjeuT5NCNgldJRVPXuAv0GLDRa8v574LyxcgDylt5Q_FqEmu1uZwSSZxJMzHztG_N8ZixP65jTzzePPkoIsFDxq41gySUQiD1N7tSSkiAvkl3J2K9vwvRlISC6yAJT2LcpOTCxASgASUYrUah2vs&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQzqYbOqlY-zSNIvrYovZhIgIyZ7SsVzN4ZL3cMCNtwEQASAAYJWCgICwB4IBF2NhLXB1Yi0yODEyNDk3MDk5ODc1OTA0yAEJqQIO_DVges2xPqgDAaoErwFP0AerJFTMU5rqO5EY8JI4_cCVXVcUL1tsdiKcfMcFbq_4Rp7p4l_UewBSfbWcIv-frYjQ-UPi3UaZoA1loGe9kTW4ggHZrQhEVmtfP-SMKn6k-2TU0JbFOSSql1zubSZ6SLw30zQcFXg5hZwkxbiT8U2pdbVQsm7orK9qkwbZ4dN70pSOHPZzHB4nRm4vs1spiOWv07EaXFZy-AjufkEqvOaos0JI8ucuW43XfYtDgAbcioG9gIPG97YBoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3J-x2Y4xZbqDCHDH4gNQMtBttxZg%26client%3Dca-pub-2812497099875904%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::17 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 23 Dec 2022 17:50:38 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20221207&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6a96b89dacd9c11d1384b13831c4f3b09106b8b35c2352be170d7d3b361b1c30
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:39 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11093
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212070101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2812497099875904&plah=yehapost.com&bust=31071276
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 23 Dec 2022 17:50:39 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FC7A 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://yehapost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
2239
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:13:20 GMT
expires
Sat, 23 Dec 2023 17:13:20 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 7CDC 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
03f1b95d6f79d691400e81bfa81577ee7cfd47b1b1df65e69c08618e25ca55a9
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YI1NTGJYEYZQDa3Chfey7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://yehapost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
514
content-security-policy
script-src 'report-sample' 'nonce-YI1NTGJYEYZQDa3Chfey7A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 23 Dec 2022 17:50:39 GMT
expires
Fri, 23 Dec 2022 17:50:39 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
pagead2.googlesyndication.com/bg/ Frame FC7A 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3WpNOUgrN-_pxVw2NAHVNtofer_w6aLb3ZHXGHAM44Y.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:13:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2239
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16071
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 23 Dec 2023 17:13:20 GMT
generate_204
tpc.googlesyndication.com/ Frame FC7A 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?r8sdEw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 17:50:39 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 7CDC 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20221207&jk=647202426158716&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20221207&jk=647202426158716&bg=!DQ6lDkrNAAYgquz3AKo7ACkAdvg8WsSD3xzF6EcjCZ7dNhQuRClpn29tMimKkdUXc0HXC0mbnkpdKgIAAABCUgAAAANoAQcKAM8LryHGBHmD9260qSQ9ZScTpm239H2TgdOzTWzN1cklm7YJBNZtUNBiRq12TizCkasq6vBdpH7rcSg86XztMotuab4MWEXYRABiWkYobGpqgWHJfmhxehaGLJvnWDLPGkPI3HBf8dUUOtbDhu8okt_lR7p3Lc7uFk-V-th4XYU8COUTMpOD7ibwFzBINYvQfUSZ6oLxuY52faX5mfcnPRCvRMSFvNvpw3XqXTN0TTJonLbIeGq3lSiFouhtlrgrx6lsbpJSu_q2caL6VttzgoWZAsEzmGKkq2vx-ZMTx-DZ4iFDx0ZxS2Wqj75QEZ4Btk332Ejn2TG59dglVs6VuuEu0hIAjPz-WGSYo8XSUfE91NptFO4wZui0tdY04CY3TqgeVKyqllXq4TQ__WUKc_ADqgcojrcax3GrFjdy6RIibtEEtfCMHw-Z-yodqxxFYedFP7BrueOvxIma_mqgWp9md7wm55kwCTDpxbjk1xaRbBdRtEO769069sIaqy4tf67XuZEukLFFyfpZPdo78aAOeGT6fX1QkeT82smaAAdtNFcJrMPHeE8qHMcn226NgEaw_IduV8ZdlapFzhQFUT_qaBluDJ0LxRJPN1ozpKjWI8zA8fdzl7ZYjknTmW4N0ch2uPxeyGyZVv0o5KfkXkpLKaIL-3lMQXnK6myocdkZUwDOfcwYhjIQZbYi9hVSTWdmMbkuWjh1atY0hOkkT0kSL_ljjuaq-qI2zha_7DsrKnBXr3sCk6p0RyxDLmWLvKnvUPPLaG-FEtVeBu4YxbfnZAkTOkyIrPcbEJI42dZVwZrG6UP7aPFGMEzrULqqStzilw0_YcUP1vhbqtmHlIjbsicqIYwNXs5E3HJzg9O4rvSQFOoSUVud1ws_a5WI-Ae5L-pvRue6i_qfEw5PAiShwWskvex6VwR1carknWbystnhYuZGFGjlleu4f28KfwBYGdCv8zsTACw58D8ZEq2uNdlUh7Bq-hFuYiUOYCc3ov8uZ-AtWte4Z6okM-ZE8OFYMwqO1xw9PR_V49tX552OjltL7AoWJK-L27LGrbYL7wpjqul1u0QkjWMsQC-4UJhfzsSOdahVOslq2cRexkqh5W2YDXLNTQxaLFkgEjJubeIBLFurtVELMdDrvm-yKG6szy-yR2_QKnlFFoSvimWryLE6IIzS0Q8T0Vx3WsD1xgGZfZLMomN-DrHDTD4Yo3fc2wk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://yehapost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| oncontentvisibilityautostatechange object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle boolean| _gfp_a_ object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint object| FB object| banner_lang object| key_script string| key number| pro_expiry object| authResponse function| makeAuthRequest function| loadLanguage function| calculateExpiry object| _wpemojiSettings function| $ function| jQuery object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| wp function| wpAutoTermsDomReady object| stlib boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus boolean| sop_pview_logged string| stWidgetVersion object| stLight boolean| st_showing function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| Main object| EducationHubScreenReaderText function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| __buffer object| quickLinks object| twemoji object| google_llp object| googletag function| fin function| seto function| initEvents function| truncate function| addClickListenerToAnchor function| createAnchorNode function| makeCompleteStatement function| openCity function| loadStyleSheet function| loadStyleForDefaultPolicyPageDesign object| GoogleGcLKhOms object| google_image_requests

3 Cookies

Domain/Path Name / Value
.yehapost.com/ Name: __gads
Value: ID=f6a601f6f2a9da85-2275e10e54da003d:T=1671817836:RT=1671817836:S=ALNI_MYNxgf1KB5QhoOlRr5R6u90exaIdw
.yehapost.com/ Name: __gpi
Value: UID=00000b9743b2a07e:T=1671817836:RT=1671817836:S=ALNI_MYnWYZ39DJdoPz6Y6GDZrSqfT1trw
.doubleclick.net/ Name: IDE
Value: AHWqTUkXg8da5jIPsmpokWQJM2FlEeTtJOvJcaF9sTfCtAiTPeDrgnv3xMgmI3PNmCI

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/html/r20221207/r20110914/zrt_lookup.html?fsb=1(Line 21)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cat.fr.eu.criteo.com
cdn-auth.seersco.com
cdn.seersco.com
cdnjs.cloudflare.com
cmp.seersco.com
connect.facebook.net
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
maxcdn.bootstrapcdn.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
seersco.com
static.criteo.net
tpc.googlesyndication.com
ws.sharethis.com
www.google.com
www.googletagservices.com
yehapost.com
107.180.55.16
178.250.0.160
2600:9000:2057:fa00:3:c04e:c780:93a1
2600:9000:221b:0:2:de67:3280:93a1
2606:4700::6811:190e
2606:4700::6812:bcf
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::200a
2a00:1450:4001:82f::2002
2a00:1450:400d:807::2003
2a02:2638:1::17
2a02:2638:1::3
2a02:2638:1::8
2a02:2638::2
2a02:2638::b
2a03:2880:f02d:12:face:b00c:0:3
52.29.135.143
52.29.136.90
52.29.90.161
000cb4237204c839588365b865b4ceb28c4d78ba054f6e5a4c7a5e25f36e0c9c
005ed406125da4d8dc754e09115cb462bac77964d70ae824757288f008f8adc3
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03f1b95d6f79d691400e81bfa81577ee7cfd47b1b1df65e69c08618e25ca55a9
06fb2dbd2c4e4cfa09b3ccefd291fab7d57324e4a202e6e5dea935c079db5f5e
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b5f75f14e21dcfc6c0892a6e9bd4f8660d05a54546397efcf4d2464a1be5764
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1e9ae873a42100a88f0b0baca9ab716f2789629f387e7276cc6fe48ba7c6b403
265c0171de2f765109c93882c8ff3e8b6644af2c4bf9aa5c276cd4eaad74fe14
2721cb3be7704be75a403489d609671fab74269a881ca8b62f1b47f118c02a76
28a28353c7914128d5248c44ce7ec21d67e3fae72da2aaca7091c344cc7df6fe
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c203a6733a25a4d2bb3bf2c1cc3a31c793cc3cc18b11a7c9201f6b4cb3b569a
2c63f24e9046a9a37cf49e776d61b208049836d8f0ebe84de5d16d2f325e6b9a
2d077bde54e3c26d91b3e038826047a10838e9efa98de53a695b6ec3986cf01f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
4213eba6c464b3ca6fc71c748e2ba99f63f7f0b624199fd44127da67e40a3003
44a5da9d7a51ffbd82daeaee05b74c3b59f5d3143c3df2a8bda60febe2d3c961
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe525900c5cfb9788418f5884d8fea1515e01355b8ca5ee84a7090d52ecacc7
532abfe7207f8ee3fef0300b9401b2ab89339f44d06b26e34be73133b1f8ce9f
540de2d34a45628a8f78145f52e384bde6806241ab2a5c13f81b894ff958b84b
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
5580b638751049cd8916552ceb80804f16e8ce15f18facde698f8675c3aca01f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a9671638cb9686461c833506b6f3dbbaf41cf84b012eec4add3eef7ac6c962f
5ad70328e1ac20c048df39885ec4326b649f5a799535e428adf183ced1a88acf
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
645060cc20b7e4ea8e7f4c26d9a97e78cbfc311756ff0faf3bf4b3210153d3f5
6a3ad3411fc41277e7480200cf777f0514450b4aa49065d7106969e2c8df8658
6a74f9c8b17fc9f9df69e30b8800410e4f1b58bd0c7f4b1659a10f356723a7d8
6a96b89dacd9c11d1384b13831c4f3b09106b8b35c2352be170d7d3b361b1c30
713ba573bd44652ff38f4445d9807d587e34e2e81ebdcae673a4414606d784e8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
73c4c6c7cd953ecbcf34ff0d04653304e9018a42e92feac7a894697860c24560
76a18f5f0637e0d73ce1afece898ce8b0fa75bb6b1c1990ae4a7ac6b083045ce
76aba5d4e5db7eb218d6a1378af48dcc252d19e159d7340681b8b723b32d403a
792e3ff9deae63a442b00d97bbca56fcad95444aae32f454650e801a56326999
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7b0deb3e12a22c0847ec4c0031f3bd096a12f18cd17be332ba316cca73d8d9ca
818266fe4b7bbf0fe187b6190933c99af05829f70c2d6023acab03f8af5a59b0
83596846d160e44c98d8674d1f4b35be40646ec5ea30d9df136012028d354aa6
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87a1a7e65f6ceed57d27b07cac22836a7682617932fc9d4376887b0ae1754a35
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9651731091cf1d827799baeb7b260b4f816a4cd6d2f3f0fbb1b449aee345ef68
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0dc45b07153920d06e669676d8d6a7592971683f1381aefc5c95b83dd62a2bf
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
ab92107ff94aa39eee2d67a4279651ba581fcdc084fec59bfe6ee3dbc8bf5543
ae0ff1da916608a628467eb58f09b4a0375e2f395b15c6baed836b3b1e4e9a7f
b1c45cf6f3db747573e74bfa51d51fdd3296bf7b34e800e6622c149f69a3ddde
c4e1d6dac257b1f10f34c13ef8ec41e9e0cd8133c8e947aef4d756e19213649c
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
dd6a4d39482b37efe9c55c363401d536da1f7abff0e9a2dbdd91d718700ce386
de93f7312513c259c27fa18e07b715fc2f7e7381ee622ac2d8c10779f1047a03
e00a1c438c19128209b69d9f6a3271e8a6aa84178883fd27a983ea782dfbeb92
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e33e10b8be04e75dfa2658726e85189bf01b986172c16d10b4c0a74332804f58
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e708fe12174d8be13093cdb95f27dbb23e1c1f5ecf15cf06d18af852679acee7
e913b48388a5b5c5cf0c2bc55f9afb576053a80ac4aa7d9efbfa53d5b977344d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4d4eda42f85c6ccbbb5de2aff596085b3b1d380c8585464f2e53df2cad66f8e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fb0d5c0fec07a6b6252525159ed849a4a5297cf27c79f7e4fc7d8a162780b79f
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40