www.pua-unemployment-login.com Open in urlscan Pro
2a06:98c1:3121::a Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.pua-unemployment-login.com/florida
Submission: On May 10 via manual (May 10th 2022, 8:38:17 pm UTC) from US — Scanned from DE

Summary HTTP 152 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 20 domains to perform 152 HTTP transactions. The main IP is 2a06:98c1:3121::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pua-unemployment-login.com.
TLS certificate: Issued by E1 on March 19th 2022. Valid for: 3 months.

This is the only time www.pua-unemployment-login.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
26	2a06:98c1:312... 2a06:98c1:3121::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:215... 2600:9000:2156:1000:1e:6a6f:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	69.192.161.85 69.192.161.85	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
4 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
3	184.87.213.205 184.87.213.205	16625 (AKAMAI-AS) (AKAMAI-AS)
6	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	65.9.63.90 65.9.63.90	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:214... 2600:9000:214f:e000:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
1	108.157.4.117 108.157.4.117	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
1	2600:9000:214... 2600:9000:214f:4e00:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	70.42.32.255 70.42.32.255	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	151.101.114.132 151.101.114.132	54113 (FASTLY) (FASTLY)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
21	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:212... 2600:9000:2127:2e00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
152	31

26 2a06:98c1:3121::a (United States)

ASN13335 (CLOUDFLARENET, US)

www.pua-unemployment-login.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platform.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2156:1000:1e:6a6f:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 69.192.161.85 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-85.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 184.87.213.205 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a184-87-213-205.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-90.fra56.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:e000:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-117.dus51.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:4e00:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2127:2e00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	100 KB
22	googlesyndication.com 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 95 tpc.googlesyndication.com — Cisco Umbrella Rank: 130	92 KB
18	pua-unemployment-login.com www.pua-unemployment-login.com	375 KB
12	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1327 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2750 odb.outbrain.com — Cisco Umbrella Rank: 1442 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5708 mv.outbrain.com — Cisco Umbrella Rank: 3326	116 KB
9	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 12919 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9672	156 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9163	3 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187	184 KB
8	foremedia.net platform.foremedia.net — Cisco Umbrella Rank: 188956	9 KB
7	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4142 log.outbrainimg.com — Cisco Umbrella Rank: 2136 images.outbrainimg.com — Cisco Umbrella Rank: 1997	67 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	2 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3290	71 KB
3	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1382	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	110 KB
3	cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 7839 obs.cheqzone.com — Cisco Umbrella Rank: 5035	20 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 46884 go.trvdp.com — Cisco Umbrella Rank: 43463 s.trvdp.com — Cisco Umbrella Rank: 45366	187 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	76 KB
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 5451	741 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 39518	4 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
1	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	358 B
152	20

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
18	www.pua-unemployment-login.com	www.pua-unemployment-login.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
11	pix.eu.criteo.net	ads.eu.criteo.com
8	mc.yandex.com	2 redirects www.pua-unemployment-login.com mc.yandex.ru
8	securepubads.g.doubleclick.net	platform.foremedia.net securepubads.g.doubleclick.net www.pua-unemployment-login.com
8	platform.foremedia.net	www.pua-unemployment-login.com platform.foremedia.net
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	csm.eu.criteo.net	ads.eu.criteo.com
5	widgets.outbrain.com	www.pua-unemployment-login.com widgets.outbrain.com
4	log.outbrainimg.com	widgets.outbrain.com
4	www.google.com	tpc.googlesyndication.com 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
4	77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	mc.yandex.ru	2 redirects www.pua-unemployment-login.com
3	mcdp-nydc1.outbrain.com	widgets.outbrain.com
3	cat.nl.eu.criteo.com	ads.eu.criteo.com
3	secure-gl.imrworldwide.com	ads.eu.criteo.com
3	www.googletagservices.com	77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
3	ads.eu.criteo.com	77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
2	images.outbrainimg.com
2	mv.outbrain.com	widgets.outbrain.com
2	rtb.nl.eu.criteo.com	www.pua-unemployment-login.com
2	obs.cheqzone.com	ob.cheqzone.com
2	www.googletagmanager.com	platform.foremedia.net www.pua-unemployment-login.com
1	data.ad-score.com	s.trvdp.com
1	rtb.fr.eu.criteo.com	www.pua-unemployment-login.com
1	odb.outbrain.com	widgets.outbrain.com
1	s.trvdp.com	go.trvdp.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	ob.cheqzone.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.pua-unemployment-login.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	www.google-analytics.com	www.pua-unemployment-login.com
1	cnt.trvdp.com	www.pua-unemployment-login.com
152	37

This site contains links to these domains. Also see Links.

Domain
www.outbrain.com
www.amazon.com

Subject Issuer	Validity	Valid
*.pua-unemployment-login.com E1	`2022-03-19` - `2022-06-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.cheqzone.com Amazon	`2022-01-22` - `2023-02-20`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.pua-unemployment-login.com/florida
Frame ID: 797ED9B740BE9894CAE5A36CD420A646
Requests: 75 HTTP requests in this frame

Frame: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2FBFDBAE4000680A0A772803CAE5CC2D
Requests: 1 HTTP requests in this frame

Frame: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 548602C63CEE21EE2AEF1F707AFA7784
Requests: 10 HTTP requests in this frame

Frame: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 67B64220A6CCF580DDE19E93973351AE
Requests: 9 HTTP requests in this frame

Frame: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D8C72F0D3110EC53E7A083CD7F278D02
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D3769A4BB61BD20E2732A86617BC3931
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00D7B818E905F2760A357AD0F6195D76
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt7sKd_uCAA8AEOf5PTQhMqek5hxQZg&u=%7CfepHkZK%2FpFgV8bj7qL49NWEtCtDgjivPY9rr8qEJAEA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA5hKUJQuFTAInZcCRQkTLkE4J6vEvHU9Z66Ych32zk29Vyr1WcBNyIFgZQX6Z33kPQi-aMYI70jQkKdyEv2of7a0Lb8BVO_A2a6nGsE3ajn1zC2wGiGZO_xPPqFJNpaPqL6_qzW2PuVbt3oEKu_pxUh8hOp0n5JBLMdXtutPSX3ev8aqKFGDQW4dfduBJiXstbhkP8ki9B8rWP-7krxTWRJtBCyApnwV9FJkOR5M_pktDaY56tpXV6vxXnLCdmsMHxdq6liloze5jUXqaWCIltSdnINuJ8zqgZkxLBPs-mOY6y1ff0OZj4jt7Fwq5SKjZa04rMcU3_blpKYPQXucP5W7jXfpJznzcwug-HhnrmgW8Xz8ks4mj4RPkbnKubDNj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw5NvMs16YrvvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSNAk_QnKKEd4w5m-0zppyYIhuQqLHVxRVykPj8Dn_VjswIIhBceFpCKiFNvr8AbZXC4hQlCE0nJ9gXmQ4IUKzW91wd9bAV-gbGFwKffu1FnkuNQQkJmlGHABpOQjPf9PRGHl7157lALz8GzSF4HkutEM4TVW--M_XV1D3a1nyZohvvqgmsQUbhj9utOhgT6Tjfw6gNecxKD5kiMeHPym__6YwBszkn3iWu10U5Gfh5BupxFQJM_32sPdjtvl5tdfjcsHIFy5yu8HaVOtica3RLBiiYKCoDqxLHt7NCv4Xsyyna40bZJEY5DOqsPObWUorUBGKk-H5afRzzl6w3wzbzCaVGr5xJpfK92rOfG5OQ4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WglmhtbbqemDaB-kady06wiQl_g%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: 18969BFAAD012E9579D59608EBDD2216
Requests: 20 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt70Kd_uCAA8AEDePGr5mKN7Grkj1zw&u=%7CfepHkZK%2FpFgTKnu8JnUYMBNU6p2fv%2B608LFDCyKeDI4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh21D9JdyWuQMCX56wCQsogyPQPgBoDpX_43yXC8yuS4MS7XNyFDnLM0E79k0ha_hLehdw0eqCGU_Ma33rgoT33Yws5q9i9sXP3ezNn-O1_ZJPl8g5ZPmE6zkV_fMU4djgn_A_nywIZpZRBSiTChdUQu7CFrS8_0PPwCdWHkRhGgzcWtnp2yflon-An6nL3qOdS9c3tSmhcp3UKE6un9pWgRU5-fmxbEmp47KUz1UlKoxTJIOunj66eBoEgD5CczhCpDZa_4OsTTA9aBVaOMmbHXhEa1fuLmVl7ILSgdEQEsZmEEhOjxW2CEdEPRB8EpDYK6AT3ZjHILBjvBZvC_r6X6JyU6f9D509dTH5JtaVq9DRvC82rGTtxsbl9wo3cEEH8Cy7oD1Dvb4IlSUd0WezA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX489Ms16Yr3vAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSIAk_QLk6Hu-sGgyQksoKvneittzdsXeCYvARo3LXrLMqwfmKOlLGA5mm1x-NtOFZq0fy2oWAhInUefbE5t8zwkaSPJzGP5xMwWAxpjdo1etXXJ5GDJi2-8gblgJueC-iBWyXlBh-OCU8NDWtEx9Du_4-MY3vOOzvWpwcnhbCxHMAvio5sEka5_WH1qb21ncmfxzzKUR_Thuu8XNjA1LYYPrMIvKD1ZXXhHCnDsoxsriG8oSZM73avUNBQ0ibjFkoVddgHAP-coCm1lRNpkTisJo2weoSuHR1IKddQwzdoU2tm8Q6eZneXnIrCVeyhQmNZFued2QJqwaMI66ThdVo85SMNDWl6j00U4uAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CQR9pI4aUofppY4sjtwTGqToijw%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: 0435B98D6728D40CBBD8DF35524C5A94
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt8AKd_uCAA8AEOy0BCc5dYQUOPbcyg&u=%7CfepHkZK%2FpFjXYB6PJUxmEWHEM1tKeYesdP5xUll6YNs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-BiSE6tqOp4TSEGrMttvKWR2xZSKfKxYicO6SEunw7VO4tXnpGsP0QDYcFK_dTw8VZm8_DfBDIv5miJYGGFFMmDIvb3GF73JmfJu-QMCMT5My0zT1jCWGI5hpW2P3sQzWyLLW-2SHdC9WQstSOcFardtdJmEdIwFC-2KSJi3sJo88mEAyOcdP25_7BU3t9GLkWupO1BLs55g1pI9RaSh1wdqdU6rjyAPHP0nFt8KGp3BPV9h4M3ydYcXvxum2X2BKroO7qIVsLJyHPQqK-Kq_JgKYsmrDnGcg1eWEUkWpii74mjHsfAvmIkKx3FJUkzUkW2Zb62iMWt9rY7ExpkLQHIwcaCThoosqHD-JoWhgwxqbYO5GkVZQlntZ6D9cVT8HxyjzK5qTpby50&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR8rsMs16YsDvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSHAk_QAHPnIGLwB7stWRiS_JXmTd9wbOwRMo379WmG1IvMv4Wquu3khv2Ij3JTDM0CaphhjNmPDzFBGG0YIBwMaru2IPBHIPtScfeVZzx1_jKCB7XkBoZb0v02H3bCgxjFDbpMdVk5yIBUjk0NHslB5WIs4XItfozprbFt8_trwaQrfSdBEbkwIwmTtOA1W_WN39IK-FCgcE9JC2Axd81_upEvujFiWD6-HB-GJkIoT7zqi9cEhKo4vSj_vWQ9l4izxuu16deoz6PoS97sWPNTO-ol3hLl2O_-Pe9f_dc03RnDR6NCJd4SqQ0SG91sO_fDCTZpX6WLC7o8aYQQjzit-9cwjN5mgEno4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-InZwIGDjM0Xo66lL3wdx0TCCgQ%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: 951671F0884037A9D0AE1F05D1256BC7
Requests: 13 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - PUA Unemployment Login

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

152
Requests

98 %
HTTPS

63 %
IPv6

20
Domains

37
Subdomains

31
IPs

5
Countries

1586 kB
Transfer

4081 kB
Size

22
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/goldbox?&_encoding=UTF8&tag=morningdough-20&linkCode=ur2&linkId=addffa3820d795ad48814fb7181eb8e9&camp=1789&creative=9325

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Coupons/b?ie=UTF8&node=2231352011&_encoding=UTF8&tag=morningdough-20&linkCode=ur2&linkId=f770b179aa1c5f37c8dbab4b21375abd&camp=1789&creative=9325

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00R20MPW2/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00R20MPW2&linkCode=as2&tag=morningdough-20&linkId=7d94b02402bdd3500a59ca44da8ed8e8

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B004GJ6BY0/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B004GJ6BY0&linkCode=as2&tag=morningdough-20&linkId=ead5bcb530e5125f4b2a9dbb36190172

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://mc.yandex.ru/watch/87761349 HTTP 302
https://mc.yandex.ru/watch/87761349/1

Request Chain 36

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9634.EtXVjvSvkP8d5D1Q2ef-t3QgOo7cGuZjzR1papO7Q-uYDhasLk975RP3D93MT5mA.2tARxmH_C29DnZuLGJvH7mOYGwc%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9634.foFJLrrs2pX8n6Q96bJDCO_4mvwXzpKhMRLG9FYvuBCn8XkmjTboEjp6_RS1aOWhs9JSSFM_syrfeKpA-AOCu0qX-nxMD-1ldXlD8ka7n9M%2C.AzOHbV62Z8ErsMoU6UIRlKuPtIQ%2C

Request Chain 43

https://mc.yandex.com/watch/87761349?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A150813814871%3Ahid%3A928493339%3Az%3A0%3Ai%3A20220510203809%3Aet%3A1652215090%3Ac%3A1%3Arn%3A595777570%3Arqn%3A1%3Au%3A1652215090588838768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215088331%3Ads%3A10%2C37%2C747%2C0%2C0%2C0%2C%2C416%2C0%2C%2C%2C%2C1319%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215090%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A150813814871%3Ahid%3A928493339%3Az%3A0%3Ai%3A20220510203809%3Aet%3A1652215090%3Ac%3A1%3Arn%3A595777570%3Arqn%3A1%3Au%3A1652215090588838768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215088331%3Ads%3A10%2C37%2C747%2C0%2C0%2C0%2C%2C416%2C0%2C%2C%2C%2C1319%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215090%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29

152 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 404 Primary Request florida Show response
www.pua-unemployment-login.com/ 46 KB
11 KB 794ms
747ms Document
text/html 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5e781551b26f8fdaaa828b555b92cf515e8a481a92ea4f544c25a982e7b9f75b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 70957a0e68508ff4-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 20:38:09 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 11 Jan 1984 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F7u73yjmkhpb2DgivTQSgoNF3o1C7Yl0usdWNe%2FgZsUUoDmzrrElweM8D9jZPIgUtveeAIdqKlROJGNsrK%2FEA1QzZQUY9pVKG8gMyQjV6Rqi%2BaciBUCNnQC8hU6Xw6%2Fjloh73vRITPpdNe8arBfIs5V4jPpcfTk7dlaw9sA%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
x-cache: MISS

GET
H2 200 analytics Show response
platform.foremedia.net/code/8428/ 1 KB
1014 B 175ms
123ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/analytics
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb02060fbb2cd5a6affe0d185aca6d9227a2c2fc53cd7b5be44ca9b95f2cec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2FtBMfBgIUI1RxSlDP8%2FfxwB3ozXTtH%2BESsIiTVCplog%2F03nbm1zjHXjYrOug1jiAuq54k1cW0ivN30UjNHivsJj1p8gwwqj2Qf9lc3m0oVVIKQKNmEoX8y137BhZuKS%2BqoQIscjnPyINGlpE9V%2Boym0yo%2FR"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70957a138b695c7a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5681.js Show response
cnt.trvdp.com/js/1319/ 6 KB
2 KB 75ms
9ms Script
application/javascript 2600:9000:2156:1000:1e:6a6f:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1319/5681.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1000:1e:6a6f:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4257ae7fef496cc1b81dd5e2fab57e8c938400c10b11566bf3a7fe41ff622f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:39:48 GMT
content-encoding: br
last-modified: Wed, 24 Nov 2021 17:29:03 GMT
server: AmazonS3
age: 14439502
etag: W/"067d663d6cf48d47cd216775910d4fbb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: d8VuaoPQf-nyN2XipkOQiiuzTYI6HbNVRQMnUxzvQBk4HdBWhxJ0Kw==

GET
H2 200 style.min.css
www.pua-unemployment-login.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 203ms
200ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 09 Apr 2022 09:46:05 GMT
server: cloudflare
etag: W/"625155dd-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RJbsqY07kwTSAgqGMQ86wBeILWQlqbLi6AjDtVQFeboXkevM47D9Qoadqvdxb%2F4OenP7aKUr7QTgVw56N4Yn30a7ycPZW1s5e7fAAd%2BUkdkt6zR4vvBIuWXb7uaDM%2FwEkOWx2wWgtKC9kOBy8%2BKe%2BTCn7qgFqT3lptOYStc%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a1339a88ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-options.css
www.pua-unemployment-login.com/wp-content/plugins/widget-options/assets/css/ 1 KB
638 B 189ms
186ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 03 Mar 2022 04:50:58 GMT
server: cloudflare
etag: W/"62204932-416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kQGUUUzweqNa2s%2BWR450Pm8gZ6RRktQH6yhUm1ETltrsw5ZJ5jBIVxD5SJbyyhIDRgX%2FM6aYrxI35oaDNDkTVXAbQXFQqJIKsYUlUYpdvQjMb%2B9Ai9IuuA4ZSZwHV7tBRHtLJ6Ck8%2F333Xp4kg7j1VsZ%2FS3U1ISmSrqYg28%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a1339ae8ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/ 73 KB
14 KB 196ms
193ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/style.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f16d8326116bc400f710c0fb751e4c151e84607f53dbc6ef0d7763a874998f3f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-12466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U6Zc%2FJNg%2Bi%2BOAxLnuvovgt%2FcdA4Hdv59%2BOtPlTJoH1MfCS17cRcihnBeH47h2SPv4T%2Fad3tQBvDYfVFkDgezg3zuN0Mo%2FxggJi5lnzVepyXBouTQjEDG5g4bCbJ4Ybh3krl4OuGS8kLWWniOlditw9aMKjjIsw%2F9cMQ6EqY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a1339af8ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/ 7 KB
2 KB 196ms
193ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/style.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4c85ed7df11b6e808802baa56fe5f5d4edf3fa3fa4b141a0907e41be4b7be79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 26 Mar 2022 05:10:16 GMT
server: cloudflare
etag: W/"623ea038-1d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZuBkIKkAL3PUyKL4FDeCZUwn0lkva%2FiJiMwf%2BzARZPSWOKhli1JM8pK0w0Strr3DUHInx2A5Sxj%2BWLqS8uQXVlYkuYCENyrNfP9uom%2FBw%2B2ufr%2FZLGuUXignf8PBz8dvC5ogdB0w%2BLV6lVQW19FdhoD2CygnY%2FIdkrlaJ2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a1339b18ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 genericons-vfbebe6833240b44e5b7683d3f72df194cc085824.css
www.pua-unemployment-login.com/wp-content/cache/asset-cleanup/css/item/ 28 KB
16 KB 282ms
280ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/cache/asset-cleanup/css/item/genericons-vfbebe6833240b44e5b7683d3f72df194cc085824.css
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: daafcea2be239153d008ee199e76693625d34e974bacea85cf393dda0f8da096

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 May 2022 08:15:21 GMT
server: cloudflare
etag: W/"6278cd99-6fb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2hHOH6hAUngGiCFpOZnSaKvRlPwrcnZh0dMECmHgFHMuv%2FHL9Hsr98CVHMhnTH3nZoL1U9ZCLbUclAGI26zI8qq1V%2F0%2FzxJVZjp9IlS1xE6lN4RUtBskOvSoXHHNOD9EiNx8uH4gwqasrLqOKryM9AJetvdYmly02dvkPGs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a1339b58ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/ 7 KB
2 KB 194ms
192ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/style.css?ver=20201208
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c4c85ed7df11b6e808802baa56fe5f5d4edf3fa3fa4b141a0907e41be4b7be79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sat, 26 Mar 2022 05:10:16 GMT
server: cloudflare
etag: W/"623ea038-1d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bcLrLBJkWnaVhR379TvKQvQW7xd31o9c87F2fOuqoAD2qL3Cf11JW025qxC6b9dxmz2GlsszLqa%2F%2Fx86DNQDo2dgbQPYjwOYtsEW%2FCW6Rtoqu%2BzQ7mCAhH9%2F3IvcAJk%2BBt2AsdbVQd5yQJqiniOdKKETzBJXVOv9dcsBvMU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a1339b88ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 blocks.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/css/ 9 KB
2 KB 208ms
206ms Stylesheet
text/css 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20190102
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b4ae55eaf1a6ad0b0e57074a1699c9024be2fcff537128e887ca3b8db516d489

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-241e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rBQ%2F2WK9e%2BE32UcnUgdegDGQTf%2Fy4Rl54gzEoQf4S1tVgxbARw2%2B%2FZIatnwPHBJssjVNqMlPErGBTzfiBoJlavkAmAjKDNJ0WyeEla1D0n7ojDGdbVaayUF1aZZ0VglP1efo0Wepagb2CrApjtE127mn7cXCk9bg%2BFpr2Vs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a1339bd8ff4-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 jquery.min.js Show response
www.pua-unemployment-login.com/wp-includes/js/jquery/ 87 KB
32 KB 318ms
315ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 13 Sep 2021 05:11:34 GMT
server: cloudflare
etag: W/"613edd86-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kRR3mS3T0PoDVfwg6y%2B4HwlWoFu7X9EIf7a3uWNi0NtAkDAFvaTbySoZH9z0aFLjyQPeophXe9b8zcSc1nvOwQM74YL2JfSEJeA%2FxJ2XKqDyRzAhaPnFpovD2RRGtYf%2FL6%2BzsAzJXRFsqFI%2BrGiBIXzdd9J4njo%2FHu3hUwI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a145a679b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cropped-PUAUnemploymentLogin-logo.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/09/ 4 KB
4 KB 37ms
35ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/09/cropped-PUAUnemploymentLogin-logo.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93fbf26c7da3d17b1d602ee05d91d63af89666e1c7df99fa9ea7656973102c9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 30633
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4036
last-modified: Mon, 27 Sep 2021 05:30:47 GMT
server: cloudflare
etag: "61515707-fc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gWITQbEIKI4Iw9tawm7KzM4OxzXO0KRV%2Fgv2KzJMNLfOCpR6Qom7di7Uo7ILDCx6geB2P28hjzX3TKIJCTSx3yoI8I9F5VI%2FNJMj6bVWn%2Fpj1YQHl%2Bawc%2F2wKjhxC0Glc%2B8ZtyKjjPmSoABF9OH6Yz2fFq5o8Qjb0aGUZhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 70957a145a699b9b-FRA

GET
H3 200 c5 Show response
platform.foremedia.net/code/8428/ 1 KB
991 B 177ms
154ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/c5
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccceafbf83aec903f0974b23f6c94fac56cebb332adc6d7fb48f4d957ff6329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=D4m5er4z%2FkYlDK%2FMXWsoykdiJNuOAYVImMXNCEf%2B9TILMpMcU09MrqAH4vppOdiCbZ3XEmyObt6i4zNv58qIqZonnqe9RmmiKr3ROImYwiZ487SPEJwxM1UEdKijbQuILdm%2F1TCnFPt81pQa3IpwvZ771%2Fiz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70957a147aed9142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 199 KB
69 KB 880ms
817ms Script
application/x-javascript 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0f5a0cc806846ed2f58fbb2740c4c7ef9ad190e401368493c1442b7dcc9eecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 08:07:53 GMT
etag: "17-JFnhdNKXF6rpRO6vlr0R3LvmkLE"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 81d81e7c99b49e4b194316901885e392
timing-allow-origin: *, *
content-length: 70342

GET
H3 200 c3 Show response
platform.foremedia.net/code/8428/ 1 KB
1 KB 177ms
155ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/c3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da524ab3b63b0729cef49c40106e10fe0f23483c0a761355cbbb7ee3742ccc28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cSBIrAJPgEbQRpB9hNBiCVJpi8w9dodybY3FvdYe6QlSWE6h9%2B%2BRxXZ5FGDs9mNYLyPDZsJnouRm2SKY5PNnFmTnl3XTkSHqapXQC3e2gw7MMMA6p9fxv%2FHZu%2FKwnoILr7uLHXa3AuBhAIsZ40YPJ2ISRbi2"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70957a147af09142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Best-Amazon-Deals.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 55 KB
55 KB 364ms
361ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Best-Amazon-Deals.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe6a6b5b64bf6ea1a25fd5aa7c736f971111fa066ba856cde47432d02dc263b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:52 GMT
server: cloudflare
etag: "6072f1d8-daa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i01eKsaBzruTbaLm5AgJYF%2FsFpLrg7AAlR%2FMI0Go0PWtvyZuo4K8obNdSP6UJz1qIpaMGVPw%2FPXPh8dpdMq%2BhSFBB6lUHf%2FCTo4NnNGzFhQYXmlCsxl8seDzghTS8E9BzXVdKA5cHVSxDvQIHSxt252kquPyUV1ovdtY%2FkU%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70957a145a6a9b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55972

GET
H3 200 Best-Amazon-Coupons.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 75 KB
75 KB 384ms
381ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Best-Amazon-Coupons.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40143e736f525cb284279c368de9f5a44ab9278dba7911c1157d5ec0ba0a810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:52 GMT
server: cloudflare
etag: "6072f1d8-12bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MK%2FmSumaP5dJ7PSSelHWGJgGQI3rEoaB9S3Ce2a7GK9FpjvRgge3Bf26LHUCjOTuMTrdTgRSYdSJx0nnd6Xvtxda5qPWonWsLyKOEfh39WLm%2FGLFLF8q87O5pfTQytaF7VwpL%2BjtFJFAWdxR0Vwhn2VosmTp%2FHTSaeRHHMI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70957a145a6e9b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76715

GET
H3 200 Amazon-Prime_Now.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 49 KB
49 KB 397ms
395ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Amazon-Prime_Now.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df174ce03e6a22ad812e3301fa1cb4c94bb1c8fc36690e4077a958c4446eabb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:54 GMT
server: cloudflare
etag: "6072f1da-c398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GF7RKMjpFe4GLgCwFUdIbbIHa8%2FuXG07ym0J1GCHT1Az7mDbEnWNSLylBJEL1iFKAhWcsZ5mmjs1yQi1MV5BBMVwnsrwikzGQ951TRwbphY%2BMK5SMQI%2BVl04jAryF%2BLiOdYuAk96vep1qJM8Hsi2p0ssqfQ1u7AYRrcdam0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70957a145a6f9b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50072

GET
H3 200 Audible-audiobooks-podcasts-audio_stories.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 56 KB
56 KB 400ms
397ms Image
image/jpeg 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Audible-audiobooks-podcasts-audio_stories.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e467b8cb04f6f34bd50fa7f2f15a21d229f4403a8b88b25456219689377819ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:54 GMT
server: cloudflare
etag: "6072f1da-df53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sg4VPfGWleWlf7fPVmZ3FIm3Reh558GoGvnM1b5JmNaOf%2BPBG60WMQ5geSY0WLk0%2BgUKMJgW0Y%2FdutYOpFOcqu2abhMXN9yNQJGDrrL4Lu7zUVyfPo88zUZSBRYtbSm%2B0KprQO5JXB8CVu0yWKc7IMcLR0ob6QwHxKJEU9E%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 70957a145a709b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57171

GET
H3 200 skip-link-focus-fix.js Show response
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/ 1 KB
1 KB 207ms
204ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e1f5f3bcc04d296fa4bd24e268a974667ea40eaaeacd747b0865b4595d33ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvWXwj%2FBH5hK%2BHOi86%2FgSKFPEYANfrJRlT%2F1%2BtAxD67iwqR61jfnLqHKxmxggXuRsAzCA%2Fgo9P5pBWPT8AeR0FImraMGRsy77k7Cewv0nbrtNa%2BQq5sBIGjOb7KOQMLSlBQNslIJngdYFEvNetxn7jqo9nPhJqVikdkqEk0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a145a5e9b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 functions.js Show response
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/ 7 KB
3 KB 205ms
202ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3616341a626ff768304cda8ac64aca4a6552ee71d542f2f5db100605ec798548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-1d76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k40SnkZpoywq%2BxKLbzWqDaymOFImox4KyI%2BT2Fa%2FA2bX7YjBJBr%2BoJnIrkfjs8P3cyCgLhPddBsEa92jeo3etaeQyVpUIgs2lcxuaXUUAP1RX89C7klX7Vqjf25VwILGzISIbglDehh1eqDLe9DB6v1sheARGKIfS5c4WZg%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a145a619b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gtagv4.js Show response
www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/ 91 KB
35 KB 284ms
281ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Mar 2021 07:37:06 GMT
server: cloudflare
etag: W/"60506022-16ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CQhCUHhmNihD0RTEzV%2Bjwrrc0e49OJo0KOEoY95spMUlf6NWqnmJYZUZ0Koq7JZQlkQGGk71%2Fxc8neu1ALU4ezjt%2Bi1wzRYViK1VQtx%2FbEYhxaEw5l2v6To4ev4yK0j923qtKU0lmi4e62n%2BnGGRUlZryEdxWiLpHjSxDwY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a145a729b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 footer_float Show response
platform.foremedia.net/code/8428/ 1 KB
998 B 177ms
155ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/footer_float
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b69a3dd2271ada2d50dfe7bfaea402e8ae9d830cd245e34fac2437ca33158d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KLJmtEF0EAxWlx%2Be3Tj7wY4sptdVHzK8kyd2MPPtRpGhkSjPEUzlpZSby1PirqDX8xK5B1Os52uKurbjJHPpBOqIQ2LJ4JHC%2BR5sMi75Dr%2FqY6jDXxr%2FjnXfUHv4XfvdQof4UFMCA%2FloMoanvE8xxLx9j7tK"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70957a147af39142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
www.pua-unemployment-login.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 35ms
33ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/florida
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 May 2022 02:56:15 GMT
server: cloudflare
age: 2032
etag: W/"62748e4f-2063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=90LI14Qo26IojY8L%2Bm5FQ0JTE%2Fp1raZGTIXb%2FR6XnSzFIwI%2ByjvcqL1VI1MSU55Nz9ZP1jH1AOlNnEjTPK%2BbBQ3rzOPAwC%2F6Xm69V4cOOrXHH0lGTQ%2BojBD32rGe2EgJd7UYacCwYVkbdeKk%2BDZFKsH2YkV5HkmTuR2A8Kw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 70957a145a779b9b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics Show response
platform.foremedia.net/getcode/8428/ 8 KB
2 KB 178ms
159ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/analytics
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/analytics
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d637341e9d6d89752d08ae604391544a79e884fcb68c56a617c700b906555b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=msIR%2BrDhrGotBlr9%2FswyWN1vUlXA1ttkkeBcapim8uBjceWRirii6iLVdS8%2B5sp7oRDtKyjmR0df%2B9DrC08H7JN6y5EP7hLOkzdorY8Fq3n6YZEanz814gTdMOwMKL4LzagZFJkJJTlmWyChD7yLlkTgoHmL"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70957a147aea9142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://www.pua-unemployment-login.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H3 200 c5 Show response
platform.foremedia.net/getcode/8428/ 1 KB
865 B 141ms
141ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/c5
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/c5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7efc48e5c37e8d392a52637dbdacc1b81c7ba29c8f10cd5a0ddb3cdd3fb180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b5iaJLt72vb20K%2Fyq%2B7EQfKAGaw3zrYwKzXu63%2Bd4xsGVTBGYwKnmmDkB4MiSsFUq4Id0YtWDeWFIMSFTuSlVoAeH4xC8Kg4JjkVeEW02WDRhTnM%2BtoVbEkrKG9lgux%2F%2FQ%2BK8K3%2B0UtjnEvpAoOHH%2FC7U7nN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70957a157d239142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 c3 Show response
platform.foremedia.net/getcode/8428/ 1 KB
855 B 115ms
115ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/c3
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/c3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a9eaebd1e51360e20a453fd080f7dc7ce220eb009c50c3337b41cf1b0db975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WVqRH%2Fy%2BToZg%2Fhc55f0eA34J5OPUMVdX7cSIkCVsXYHLbcFUPXIilnSyNKvAJv4OrtIABsQHv1cD2ckT%2FUx8J9cKePSveXqjOpGGkcqx7wzTM3Bma6SW9ZfIuGDRoaEok7uKsQ1UP4CupDx%2FS50yn1j7bbi5"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70957a157d269142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 138ms
48ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8428/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

807d88ecc70a2cc1190dcd8e5f797138310a11e36f89f12bb4d71dda8cce0eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38877
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 20:38:09 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 123ms
40ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8428/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

f63c6de989281851ed59dfa1c06a7eecd4ab37f89453a7dd89150a2e1b8be469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28409
x-xss-protection: 0
server: sffe
etag: "1211 / 659 of 1000 / last-modified: 1652204103"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 May 2022 20:38:09 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 277ms
115ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-1149e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70814
expires: Tue, 10 May 2022 21:38:09 GMT

GET
H2

200

1
mc.yandex.ru/watch/87761349/
Redirect Chain

https://mc.yandex.ru/watch/87761349
https://mc.yandex.ru/watch/87761349/1

43 B
83 B

56ms
56ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/87761349/1

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:09 GMT
last-modified: Tue, 10-May-2022 20:38:09 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:38:09 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:09 GMT
last-modified: Tue, 10-May-2022 20:38:09 GMT
strict-transport-security: max-age=31536000
location: /watch/87761349/1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:38:09 GMT

GET
H3 200 footer_float Show response
platform.foremedia.net/getcode/8428/ 1 KB
869 B 120ms
119ms Script
application/javascript 2a06:98c1:3121::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/footer_float
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/footer_float
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3121::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3a4411f186523148f4e4703a96f2259ee672b7b6133abe7953f243f571d7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RKMFrxQbO6dY9DbDOBkBWm5CboDEgY%2FqMS4qsAw5gy44FYOLrd0ICGnZtZC65TofW7gSeuxU4V8c7F1YGClgKPLs7KHL0kgnZxWLn2QXCUWonYUVd34c4mm58txVvJ8vOqZo68pCg5ROqgpkebb6WTyPgWB4"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 70957a15ad7a9142-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 136ms
49ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1&l=dataLayer&cx=c

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0537251b74236262947b8ab7e87900b1a00006b3fbab7f2dffebb660498ec4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38899
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 20:38:09 GMT

GET
H3 200 pubads_impl_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 105ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 207
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127685
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 20:34:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 128 B
128 B 115ms
45ms XHR
application/json 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

eb493a6b8a417aa33b098f8c0c34376509a6d7032b4f66351133c8325f84189c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:38:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 103
x-xss-protection: 0
expires: Tue, 10 May 2022 20:38:09 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
358 B 143ms
47ms Ping
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2X191KKTRE&gtm=2oeae1&_p=788338592&sr=1600x1200&ul=en-us&cid=1707897100.1652215090&_s=1&dl=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&dr=&dt=Page%20not%20found%20-%20PUA%20Unemployment%20Login&sid=1652215089&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:09 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9634.EtXVjvSvkP8d5D1Q2ef-t3QgOo7cGuZjzR1papO7Q-uYDhasLk975RP3D93MT5mA.2tARxmH_C29DnZuLGJvH7mOYGwc%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9634.foFJLrrs2pX8n6Q96bJDCO_4mvwXzpKhMRLG9FYvuBCn8XkmjTboEjp6_RS1aOWhs9JSSFM_syrfeKpA-AOCu0qX-nxMD-1ldXlD8ka7n9M%2C.AzOHbV62Z8ErsMoU6UIRlKuPtIQ%2C

43 B
331 B

62ms
62ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9634.foFJLrrs2pX8n6Q96bJDCO_4mvwXzpKhMRLG9FYvuBCn8XkmjTboEjp6_RS1aOWhs9JSSFM_syrfeKpA-AOCu0qX-nxMD-1ldXlD8ka7n9M%2C.AzOHbV62Z8ErsMoU6UIRlKuPtIQ%2C

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9634.foFJLrrs2pX8n6Q96bJDCO_4mvwXzpKhMRLG9FYvuBCn8XkmjTboEjp6_RS1aOWhs9JSSFM_syrfeKpA-AOCu0qX-nxMD-1ldXlD8ka7n9M%2C.AzOHbV62Z8ErsMoU6UIRlKuPtIQ%2C
date: Tue, 10 May 2022 20:38:10 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
100 B 62ms
60ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:09 GMT
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 10 May 2022 21:38:09 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 156ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 138ms
49ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 180 KB
17 KB 629ms
629ms XHR
text/plain 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1215277759983589&correlator=3083525621706368&eid=31067278%2C31064018&output=ldjh&gdfp_req=1&vrg=2022050501&ptt=17&impl=fifs&iu_parts=21863165165%2C22264204666&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%7C300x250%7C336x280%2C320x50%7C300x250%7C300x600%7C336x280%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C320x50%7C300x250%7C336x280%7C250x250%7C200x200%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C728x90%2C336x280%7C300x250%7C320x480&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2C0%2C0%2C0&ifi=1&adks=201602978%2C2183081903%2C3593666348%2C2311508265%2C574321577%2C2311508267%2C2311508266%2C201602981%2C2967810272&sfv=1-0-38&ecs=20220510&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&fsapi=false&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7C&sc=1&cookie_enabled=1&abxe=1&dt=1652215089948&lmt=1652215089&dlt=1652215089129&idt=771&biw=1600&bih=1200&adxs=-9%2C-9%2C1040%2C-9%2C1040%2C-9%2C-9%2C436%2C-9&adys=-9%2C-9%2C2369%2C-9%2C485%2C-9%2C-9%2C1110%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C360x0%7C0x-1%7C360x0%7C0x-1%7C0x-1%7C1600x6155%7C0x-1&msz=0x-1%7C0x-1%7C360x0%7C0x-1%7C360x0%7C0x-1%7C0x-1%7C1600x-1%7C0x-1&fws=2%2C2%2C0%2C2%2C0%2C2%2C2%2C512%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1707897100.1652215090&ga_sid=1652215090&ga_hid=788338592&ga_fc=true&btvi=-1%7C-1%7C1%7C-1%7C0%7C-1%7C-1%7C0%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

5cf372abec335b270ff49f4bab91ce6cfc9d2d31971ccc1564720ac375f2827d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17802
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2FBF 6 KB
4 KB 162ms
48ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:38:10 GMT
expires: Wed, 10 May 2023 20:38:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 33ms
33ms Script
text/javascript 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

sffe /

Resource Hash

babb18965e9ca0d1953890df5b83fd4d714854b55e5af46dbec4bf768ab534c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468109
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13436
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 May 2023 10:36:20 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/87761349/
Redirect Chain

https://mc.yandex.com/watch/87761349?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1130%3A...
https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1130%...

338 B
711 B

62ms
62ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A150813814871%3Ahid%3A928493339%3Az%3A0%3Ai%3A20220510203809%3Aet%3A1652215090%3Ac%3A1%3Arn%3A595777570%3Arqn%3A1%3Au%3A1652215090588838768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215088331%3Ads%3A10%2C37%2C747%2C0%2C0%2C0%2C%2C416%2C0%2C%2C%2C%2C1319%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215090%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

46a0c74dcfb5f26ad8688225fa96e70beaf475fedbf60b3ac517c61dd7a8cb1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:10 GMT
x-content-type-options: nosniff
last-modified: Tue, 10-May-2022 20:38:10 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:38:10 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:10 GMT
last-modified: Tue, 10-May-2022 20:38:10 GMT
location: /watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1130%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A150813814871%3Ahid%3A928493339%3Az%3A0%3Ai%3A20220510203809%3Aet%3A1652215090%3Ac%3A1%3Arn%3A595777570%3Arqn%3A1%3Au%3A1652215090588838768%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215088331%3Ads%3A10%2C37%2C747%2C0%2C0%2C0%2C%2C416%2C0%2C%2C%2C%2C1319%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215090%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:38:10 GMT

GET
H/1.1 200
OK d3d3LnB1YS11bmVtcGxveW1lbnQtbG9naW4uY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 71ms
19ms XHR
application/json 184.87.213.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnB1YS11bmVtcGxveW1lbnQtbG9naW4uY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.205 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 10 May 2022 20:38:10 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=31279
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: a7a6e7adb8215d5261c4e854f96a81d8
Content-Length: 15
Expires: Wed, 11 May 2022 05:19:29 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 29ms
8ms Image
image/gif 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 09 Jun 2022 20:38:10 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 151ms
57ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f8876521f81784f02c89c3d8ed451c53e60d3b8e6a1937ff5e2c5838fe6e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10671
x-xss-protection: 0

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 43ms
8ms Script
text/javascript 65.9.63.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-90.fra56.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:34:14 GMT
content-encoding: gzip
server: Caddy
age: 11036
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: FRA56-C1
content-length: 18458
x-amz-cf-id: BFe7NfGP1mN0jsJ55uuWLLBnOroyvhI603lciu5otTIADMdwPxiHkg==
expires: Wed, 11 May 2022 05:34:14 GMT

GET
H2 200 5681.js Show response
go.trvdp.com/init/ 6 KB
6 KB 47ms
8ms Script
binary/octet-stream 2600:9000:214f:e000:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5681.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1319/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:e000:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 930eb3f887b0f657812c12b21e1648e6955384adedca8aacab2855ed1d0b1acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:50:39 GMT
via: 1.1 a3c2566f9e36ad3cdf79fc6307fcf566.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:05:49 GMT
server: AmazonS3
age: 805652
etag: "641671317bf70963ec45e1c50edb6c0f"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: BJNbLnSzsLOpnNEPqgF6dFOc4ECx31VICWf-qJcPi8kf7w-whUe6dg==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 175ms
77ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:38:10 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 2 KB
2 KB 450ms
204ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=13001068687267027509950148171129641895620268978121616090855913210222&nc=0&tsf=0&tsfmi=&pv=0&cb=1652215090579&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1738489652&at=&bid=e30%3D&di=W1siZWYiLDI4MjddLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyKVwi%0D%0ALFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJv%0D%0AbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixc%0D%0AImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NyxcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQg%0D%0Ad2ViZ2xcIixcInNlZlwiOjEwNTE2OTQwODksXCJzZWNcIjpcIlwifSJdLFstMSwiLSJdLFstMiwi%0D%0ANDgsZVlHOVgxL1gxdFpsUzIyZDUxeDhZTlk5TXhKUUVNQ2RVQkhKTDg2TDIzQUNHVWhCSXdJU1NF%0D%0ARUFjSUpmUmVBZ1FJRUZvSW5kQ3h3UVhqaG8yNzE5Nm1Nak92L3I4NzB1eHFGeCJdLFstMywiW1wi%0D%0AaW50ZXJuYWwtcGRmLXZpZXdlclwiLFwibWhqZmJtZGdjZmpiYnBhZW9qb2ZvaG9lZmdpZWhqYWlc%0D%0AIixcImludGVybmFsLW5hY2wtcGx1Z2luXCJdIl0sWy00LCItIl0sWy01LCItIl0sWy02LCJ7XCJ3%0D%0AXCI6W1wiMFwiLFwiY2hyb21lXCIsXCJhbGxvd2VkXCIsXCJibG9ja2VkTGlzdFwiLFwiaVwiLFwi%0D%0AZm9yZW1lZGlhX2ZyYW1lXCIsXCJmb3Jlc2hvcE1lZGlhRHluYW1pY1RhZ1wiLFwiZWxlbWVudFwi%0D%0ALFwiZlwiLFwiX2NyZWF0ZUNsYXNzXCIsXCJfY2xhc3NDYWxsQ2hlY2tcIixcIlJvY2tldEJyb3dz%0D%0AZXJDb21wYXRpYmlsaXR5Q2hlY2tlclwiLFwiUm9ja2V0UHJlbG9hZExpbmtzQ29uZmlnXCIsXCJm%0D%0Ab3Jlc2hvcE1lZGlhRHluYW1pY1RhZzFcIixcImZvcmVzaG9wTWVkaWFEeW5hbWljVGFnMlwiLFwi%0D%0AZm9yZXNob3BNZWRpYUR5bmFtaWNUYWczXCIsXCJmb3JtZWRpYUFkT2JqZWN0XCIsXCJndGFnXCIs%0D%0AXCJkYXRhTGF5ZXJcIixcImludGVyc3RpdGlhbFNsb3RcIixcInN0YXRpY1Nsb3RcIixcImdvb2ds%0D%0AZXRhZ1wiLFwieW1cIixcImFkVGFnc1wiLFwic2NyZWVuUmVhZGVyVGV4dFwiLFwiR0FfSURcIixc%0D%0AImxhenlMb2FkT3B0aW9uc1wiLFwibGF6eUxvYWRUaHVtYlwiLFwibGF6eUxvYWRZb3V0dWJlSWZy%0D%0AYW1lXCIsXCJMYXp5TG9hZFwiLFwiaW1hZ2VzXCIsXCJpc19pbWFnZVwiLFwiaWZyYW1lc1wiLFwi%0D%0AaXNfaWZyYW1lXCIsXCJyb2NrZXRfbGF6eVwiLFwiZ29vZ2xlX3RhZ19tYW5hZ2VyXCIsXCJvbllv%0D%0AdVR1YmVJZnJhbWVBUElSZWFkeVwiLFwiJFwiLFwialF1ZXJ5XCIsXCJnb29nX3B2c2lkXCIsXCJn%0D%0AZ2VhY1wiLFwiZ29vZ2xlX3RhZ19kYXRhXCIsXCJnb29nbGVfanNfcmVwb3J0aW5nX3F1ZXVlXCIs%0D%0AXCJHb29nbGVBbmFseXRpY3NPYmplY3RcIixcImdhXCIsXCJnYUdsb2JhbFwiLFwiWWFcIixcInlh%0D%0AQ291bnRlcjg3NzYxMzQ5XCIsXCJnb29nbGVfbWVhc3VyZV9qc190aW1pbmdcIixcImdvb2dsZV9y%0D%0AZWFjdGl2ZV9hZHNfZ2xvYmFsX3N0YXRlXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJd%0D%0ALFstOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJv%0D%0AZzp0aXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjA0NzYx%0D%0AOTA0NzYxOTA0NzYxNn0iXSxbLTE1LCItIl0sWy0xNiwiMCJdLFstMTcsIjQiXSxbLTE4LCJbMCww%0D%0ALDAsMV0iXSxbLTE5LCJbMCwwLDAsMCwwLDAsMSwyNCwyNCxcIi1cIiwxNjAwLDEyMDAsMTYwMCwx%0D%0AMjAwLDE2MDAsMTIwMCwxNjAwLDEyMDAsMCwwLDAsMCxcIi1cIixcIi1cIl0iXSxbLTIwLCIxNzA3%0D%0AODk3MTAwLjE2NTIyMTUwOTAiXSxbLTIxLCJLQWJGaVJVdCJdLFstMjIsIltcIm5cIixcIm5cIl0i%0D%0AXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxbLTI1LCItIl0sWy0yNiwie1widGpoc1wiOjE4MjAwMDAw%0D%0ALFwidWpoc1wiOjE1MjAwMDAwLFwiamhzbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsMTAsMCxc%0D%0AIjRnXCIsbnVsbF0iXSxbLTI4LCJlbi1VUyJdLFstMjksIntcInZcIjpbMiwyLDIsMiwwLDAsMCwy%0D%0ALDAsMiwwLDIsMCwwLDIsMiwyLDIsMF19Il0sWy0zMCwiW1widlwiLDBdIl0sWy0zMSwiZmFsc2Ui%0D%0AXSxbLTMyLCIyIl0sWy0zMywiLSJdLFstMzQsIi0iXSxbLTM1LCJbMTY1MjIxNTA5MDU1MCwwXSJd%0D%0ALFstMzYsIltcIjQvM1wiLFwiNC8zXCJdIl0sWy0zNywiLTE0NC02Ni0xODAtIl0sWy0zOCwiYywt%0D%0AMSwtMSwxLDAsMSwwLDEwLDM2LDc0OCw0MTUsMSwxMTMwLjQsMTEzMC40LDIyMjEsMjIyMSJdLFst%0D%0AMzksIltcIjIwMDMwMTA3XCIsMCxcIkdlY2tvXCIsXCJOZXRzY2FwZVwiLFwiTW96aWxsYVwiLG51%0D%0AbGwsbnVsbCx0cnVlLDgsZmFsc2UsbnVsbCwwXSJdLFstNDAsIjMzIl0sWy00MSwiLSJdLFstNDIs%0D%0AIjE3MjQyOTc2NTMiXSxbLTQzLCIwMDAwMDAwMTAxMDAwMDAxMDAxMTEwMTEwMCJdLFstNDQsIjAs%0D%0AMCwwLDUiXSxbLTQ1LCItIl0sWy00NiwiMCJdLFstNDcsIkV0Yy9Vbmtub3duLGVuLVVTLGxhdG4s%0D%0AZ3JlZ29yeSJdLFstNDgsIjAsMCJdLFstNDksIi0iXSxbImJuY2giLDExN11d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A1055%2C%22y%22%3A911%2C%22w%22%3A324%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=1hnNI4Ardq&sdd=%7B%7D&pto=2253
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 4dc2627f9d1dc33a1762de36848752d4825c77a206438ba6fc1a024dbeb71749

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:10 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1484
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 7 KB
4 KB 175ms
112ms XHR
application/json 108.157.4.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1319&wid=5681&cb=2379.409318325294&pid=4272&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-117.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: ea39e3754988e70a1f25540adc5c1fe719e14a6e872ae1c281749029fe16dfb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.pua-unemployment-login.com
access-control-allow-credentials: true
x-amz-cf-id: GYYpDGG4xp4I_YbwB3dqEs0vvNs8vYInbNU2ENEWiD5zH-1OqL-weA==
via: 1.1 d45a8c6f9f33ed6e98c7762d0a4f951a.cloudfront.net (CloudFront)

GET
H3 200 container.html Show response
77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5486 6 KB
3 KB 123ms
43ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:38:10 GMT
expires: Wed, 10 May 2023 20:38:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 67B6 6 KB
3 KB 113ms
42ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:38:10 GMT
expires: Wed, 10 May 2023 20:38:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D8C7 6 KB
3 KB 109ms
45ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:38:10 GMT
expires: Wed, 10 May 2023 20:38:10 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D376 13 KB
5 KB 135ms
40ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7441
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 18:34:09 GMT
expires: Wed, 10 May 2023 18:34:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 00D7 783 B
1 KB 151ms
49ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

738c90266cb79db53607744bffa92fc9af82018bb1d72f147bdb30355b51f91b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5EL5fSMN2M9zVctqKZWUAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 515
content-security-policy: script-src 'report-sample' 'nonce-5EL5fSMN2M9zVctqKZWUAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:38:10 GMT
expires: Tue, 10 May 2022 20:38:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.742/ 658 KB
179 KB 88ms
9ms Script
application/javascript 2600:9000:214f:4e00:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.742/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:4e00:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 14:40:17 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 06:41:24 GMT
server: AmazonS3
age: 2354274
etag: W/"d40fd85fcbb9dac1ff245ac8cec6aeb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c714e4f593454d65f62cf3fecf756a4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: RX__cOzzATRCVNDP5ZB8BwYT3AJsBMIa0PK4qf6SZ0V4wPx0HRi11Q==

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 67B6 0
0 99ms
98ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CyfFKMs16YrvvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSKAk_QnKKEd4w5m-0zppyYIhuQqLHVxRVykPj8Dn_VjswIIhBceFpCKiFNvr8AbZXC4hQlCE0nJ9gXmQ4IUKzW91wd9bAV-gbGFwKffu1FnkuNQQkJmlGHABpOQjPf9PRGHl7157lALz8GzSF4HkutEM4TVW--M_XV1D3a1nyZohvvqgmsQUbhj9utOhgT6Tjfw6gNecxKD5kiMeHPym__6YwBszkn3iWu10U5Gfh5BupxFQJM_32sPdjtvl5tdfjcsHIFy5yu8HaVOtica3RLBiiYKCoDqxLHt7NCv4Xsyyna40bZJAQ7LXgrs3rF7RbAp7KZXoZTaRZFnYIvQYI7NAO0EIJlvXcXXqAg4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03MDExOTU4ODM0NDEwODkxGNPacw&sigh=ggZN5WH-_dQ&uach_m=[UACH]&cid=CAQSLgCNIrLMBgMvdt7ALJ5VSGi7xpAEqXFoiJ0SpRpTQ_77VTBvWczv4ZxBIEFoAnMYAQ
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 67B6 0
0 112ms
40ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EI-lBKwC2ASdg2ICAgAAALri8-6L2MhMEDLNemK13_yB-_fPtifI5wASAAA&wp=YnrNMgAAt7sKd_uCAA8AEOf5PTQhMqek5hxQZg

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 303422
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1896 202 KB
57 KB 171ms
132ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt7sKd_uCAA8AEOf5PTQhMqek5hxQZg&u=%7CfepHkZK%2FpFgV8bj7qL49NWEtCtDgjivPY9rr8qEJAEA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA5hKUJQuFTAInZcCRQkTLkE4J6vEvHU9Z66Ych32zk29Vyr1WcBNyIFgZQX6Z33kPQi-aMYI70jQkKdyEv2of7a0Lb8BVO_A2a6nGsE3ajn1zC2wGiGZO_xPPqFJNpaPqL6_qzW2PuVbt3oEKu_pxUh8hOp0n5JBLMdXtutPSX3ev8aqKFGDQW4dfduBJiXstbhkP8ki9B8rWP-7krxTWRJtBCyApnwV9FJkOR5M_pktDaY56tpXV6vxXnLCdmsMHxdq6liloze5jUXqaWCIltSdnINuJ8zqgZkxLBPs-mOY6y1ff0OZj4jt7Fwq5SKjZa04rMcU3_blpKYPQXucP5W7jXfpJznzcwug-HhnrmgW8Xz8ks4mj4RPkbnKubDNj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw5NvMs16YrvvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSNAk_QnKKEd4w5m-0zppyYIhuQqLHVxRVykPj8Dn_VjswIIhBceFpCKiFNvr8AbZXC4hQlCE0nJ9gXmQ4IUKzW91wd9bAV-gbGFwKffu1FnkuNQQkJmlGHABpOQjPf9PRGHl7157lALz8GzSF4HkutEM4TVW--M_XV1D3a1nyZohvvqgmsQUbhj9utOhgT6Tjfw6gNecxKD5kiMeHPym__6YwBszkn3iWu10U5Gfh5BupxFQJM_32sPdjtvl5tdfjcsHIFy5yu8HaVOtica3RLBiiYKCoDqxLHt7NCv4Xsyyna40bZJEY5DOqsPObWUorUBGKk-H5afRzzl6w3wzbzCaVGr5xJpfK92rOfG5OQ4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WglmhtbbqemDaB-kady06wiQl_g%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

10e0ca4258914d0fece7ea85c62fd7ae9bea1f48ad65b5dbb2a8251ebfdbc6df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:38:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=BtnA_HDPO5gxJOpp_GW-7TkmXqSzxuX-TqGtRNMNz5r4dHYFu8AzcQD7RjCudQtM4kyYF8lmkEixv8iqWjEiQJogoHg-BXGEecb7z0Rnid_xzahshyuHD5H6oa-nu6prUwTpp-eN344rkuILfWLWSR6Uwb3b5tJaFYtY2ttpe0NJu-V7lgcCTzAARMxeu7XH5L8JGKxm8X7-zRsh3F4E-7n3k3e2x8CPHVNRGE82djI6N92Zh7N-fyeVQcPVjAsTTHNCtw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 112045455
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 67B6 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2021.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:22:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 67B6 120 KB
37 KB 203ms
63ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:38:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 67B6 15 KB
6 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0e7c44952ddcc2591ef2fc3ef2b99fc6623fa8a02e8f4c04957362695f91dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 19:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6374
x-xss-protection: 0
server: cafe
etag: 12872279909177429123
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 19:48:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 67B6 0
0 147ms
49ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSUNtIbfBXKwq4pO3Ipeuo36JAwkcDIvaV-HXKl_ItVeGqZULHy-M7-Q1tujpe_Udyy9XN3
Requested by: Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 67B6 22 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5486 0
0 93ms
92ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CxT9bMs16Yr3vAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSFAk_QLk6Hu-sGgyQksoKvneittzdsXeCYvARo3LXrLMqwfmKOlLGA5mm1x-NtOFZq0fy2oWAhInUefbE5t8zwkaSPJzGP5xMwWAxpjdo1etXXJ5GDJi2-8gblgJueC-iBWyXlBh-OCU8NDWtEx9Du_4-MY3vOOzvWpwcnhbCxHMAvio5sEka5_WH1qb21ncmfxzzKUR_Thuu8XNjA1LYYPrMIvKD1ZXXhHCnDsoxsriG8oSZM73avUNBQ0ibjFkoVddgHAP-coCm1lRNpkTisJo2weoSuHR1IKddQwzdoU2sk8y8M4fgLjzVeQU9xf8WhH_OXbwhE2SG8I5lHh-UiyTuIp-1pMOAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAGACgP6CwIIAYAMAdAVAYAXAbIXHAoaEhRwdWItNzAxMTk1ODgzNDQxMDg5MRjT2nM&sigh=rfzVtOu9DjI&uach_m=[UACH]&cid=CAQSLgCNIrLMBgMvdt7ALJ5VSGi7xpAEqXFoiJ0SpRpTQ_77VTBvWczv4ZxBIEFoAnMYAQ
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5486 0
0 105ms
39ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8ELikCdACmAKdg2ICAgAAALri8-6L2MhMEDLNemLVUxNi1F-CUN_irgASAAA&wp=YnrNMgAAt70Kd_uCAA8AEDePGr5mKN7Grkj1zw

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 212288
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0435 162 KB
50 KB 193ms
160ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt70Kd_uCAA8AEDePGr5mKN7Grkj1zw&u=%7CfepHkZK%2FpFgTKnu8JnUYMBNU6p2fv%2B608LFDCyKeDI4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh21D9JdyWuQMCX56wCQsogyPQPgBoDpX_43yXC8yuS4MS7XNyFDnLM0E79k0ha_hLehdw0eqCGU_Ma33rgoT33Yws5q9i9sXP3ezNn-O1_ZJPl8g5ZPmE6zkV_fMU4djgn_A_nywIZpZRBSiTChdUQu7CFrS8_0PPwCdWHkRhGgzcWtnp2yflon-An6nL3qOdS9c3tSmhcp3UKE6un9pWgRU5-fmxbEmp47KUz1UlKoxTJIOunj66eBoEgD5CczhCpDZa_4OsTTA9aBVaOMmbHXhEa1fuLmVl7ILSgdEQEsZmEEhOjxW2CEdEPRB8EpDYK6AT3ZjHILBjvBZvC_r6X6JyU6f9D509dTH5JtaVq9DRvC82rGTtxsbl9wo3cEEH8Cy7oD1Dvb4IlSUd0WezA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX489Ms16Yr3vAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSIAk_QLk6Hu-sGgyQksoKvneittzdsXeCYvARo3LXrLMqwfmKOlLGA5mm1x-NtOFZq0fy2oWAhInUefbE5t8zwkaSPJzGP5xMwWAxpjdo1etXXJ5GDJi2-8gblgJueC-iBWyXlBh-OCU8NDWtEx9Du_4-MY3vOOzvWpwcnhbCxHMAvio5sEka5_WH1qb21ncmfxzzKUR_Thuu8XNjA1LYYPrMIvKD1ZXXhHCnDsoxsriG8oSZM73avUNBQ0ibjFkoVddgHAP-coCm1lRNpkTisJo2weoSuHR1IKddQwzdoU2tm8Q6eZneXnIrCVeyhQmNZFued2QJqwaMI66ThdVo85SMNDWl6j00U4uAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CQR9pI4aUofppY4sjtwTGqToijw%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

bb88d2cbfcf713d2506dd8ebc0d757b48b1e8ba2de0e67d0950f4e563d753f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:38:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=TRNhNXDPO5gxJOppIBNGBNs4nRf-Fixs5j39y2PoOaFSm-5UzGz4MscKhzrZKvS3lLWHkikX5thn7AUbwJuDaYEkfer5vCkAxTVdtiYTyN_HQay10MVvDmFkXBrhZc9ZJ7QofqslE0X9S51DLaT9RasSG7Y9H5qdZWzemmBXkt0EztoVUSCishCgsceMPrHFGfr4GO6d4ocx_WYqOAHv25umwu5tcUqf84C-k6bgZ2Y-CLyZGwUXsFXspGiq5cupjnyTuw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 116729050
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 5486 3 KB
1 KB 61ms
60ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2021.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 916
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:22:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5486 120 KB
37 KB 207ms
73ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:38:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 5486 15 KB
6 KB 48ms
47ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0e7c44952ddcc2591ef2fc3ef2b99fc6623fa8a02e8f4c04957362695f91dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 19:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2989
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6374
x-xss-protection: 0
server: cafe
etag: 12872279909177429123
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 19:48:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 5486 0
0 142ms
50ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQQAmL5vvEmC8pehzc43j76jHBjrr1HAV-j_EU68B4FRUA-gUU_YRuIQABE_J0dIb2OwZKW
Requested by: Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5486 22 KB
7 KB 53ms
52ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 434ms
88ms XHR
application/json 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1652215090963&sessionId=bd64d3ef-b4be-c710-3a2e-07f5a41b3c3b&url=www.pua-unemployment-login.com&cheqSource=1&cheqEvent=0&exitReason=3
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:38:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 9ed6130fd35c4fe29b9c705f435577c6
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 10 KB
4 KB 214ms
163ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=%27.get_permalink().%27&idx=0&rand=3753&key=NANOWDGT01&widgetJSId=GS_6&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clid=bd64d3ef-b4be-c710-3a2e-07f5a41b3c3b&fdu=www.pua-unemployment-login.com&px=1055&py=911&vpd=0&cw=324&activeTab=true&darkMode=false&settings=true&recs=true&version=2000718&sig=KAbFiRUt&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5597b61e82a4030e5a234d5a233bc043991a0de5a47fd1ce14a61ea583883dba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1652215091.038891,VS0,VE139
accept-ranges: bytes
x-served-by: cache-lga21979-LGA, cache-hhn4037-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 17f7165e1a59816a1ccdb66cfa7054ec
content-encoding: gzip
content-length: 3352
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame D8C7 0
0 77ms
76ms Fetch
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C-D7NMs16YsDvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSEAk_QAHPnIGLwB7stWRiS_JXmTd9wbOwRMo379WmG1IvMv4Wquu3khv2Ij3JTDM0CaphhjNmPDzFBGG0YIBwMaru2IPBHIPtScfeVZzx1_jKCB7XkBoZb0v02H3bCgxjFDbpMdVk5yIBUjk0NHslB5WIs4XItfozprbFt8_trwaQrfSdBEbkwIwmTtOA1W_WN39IK-FCgcE9JC2Axd81_upEvujFiWD6-HB-GJkIoT7zqi9cEhKo4vSj_vWQ9l4izxuu16deoz6PoS97sWPNTO-ol3hLl2O_-Pe9f_dc03VvBZjHFqkIBFpEGuA1RnQ_KHTzfVYuTiQ70VCLiMCaB41KaCM3Z4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03MDExOTU4ODM0NDEwODkxGNPacw&sigh=MPZDAt4qMqQ&uach_m=[UACH]&cid=CAQSLgCNIrLMBgMvdt7ALJ5VSGi7xpAEqXFoiJ0SpRpTQ_77VTBvWczv4ZxBIEFoAnMYAQ
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.162 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s08-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame D8C7 0
0 101ms
17ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMg12AVanYNiAgIAAAC64vPui9jITBAxzXpiuR7lFkx1CgTPavIAEgAA&wp=YnrNMgAAt8AKd_uCAA8AEOy0BCc5dYQUOPbcyg

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/florida

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
server: Kestrel
server-processing-duration-in-ticks: 239969
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9516 145 KB
47 KB 151ms
132ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt8AKd_uCAA8AEOy0BCc5dYQUOPbcyg&u=%7CfepHkZK%2FpFjXYB6PJUxmEWHEM1tKeYesdP5xUll6YNs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-BiSE6tqOp4TSEGrMttvKWR2xZSKfKxYicO6SEunw7VO4tXnpGsP0QDYcFK_dTw8VZm8_DfBDIv5miJYGGFFMmDIvb3GF73JmfJu-QMCMT5My0zT1jCWGI5hpW2P3sQzWyLLW-2SHdC9WQstSOcFardtdJmEdIwFC-2KSJi3sJo88mEAyOcdP25_7BU3t9GLkWupO1BLs55g1pI9RaSh1wdqdU6rjyAPHP0nFt8KGp3BPV9h4M3ydYcXvxum2X2BKroO7qIVsLJyHPQqK-Kq_JgKYsmrDnGcg1eWEUkWpii74mjHsfAvmIkKx3FJUkzUkW2Zb62iMWt9rY7ExpkLQHIwcaCThoosqHD-JoWhgwxqbYO5GkVZQlntZ6D9cVT8HxyjzK5qTpby50&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR8rsMs16YsDvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSHAk_QAHPnIGLwB7stWRiS_JXmTd9wbOwRMo379WmG1IvMv4Wquu3khv2Ij3JTDM0CaphhjNmPDzFBGG0YIBwMaru2IPBHIPtScfeVZzx1_jKCB7XkBoZb0v02H3bCgxjFDbpMdVk5yIBUjk0NHslB5WIs4XItfozprbFt8_trwaQrfSdBEbkwIwmTtOA1W_WN39IK-FCgcE9JC2Axd81_upEvujFiWD6-HB-GJkIoT7zqi9cEhKo4vSj_vWQ9l4izxuu16deoz6PoS97sWPNTO-ol3hLl2O_-Pe9f_dc03RnDR6NCJd4SqQ0SG91sO_fDCTZpX6WLC7o8aYQQjzit-9cwjN5mgEno4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-InZwIGDjM0Xo66lL3wdx0TCCgQ%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7dea77fe7efb84accbd9d2b484b170d923b462b09c97bd0a6e1c3a598a9e585f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:38:10 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=sOJlTHDPO5gxJOppSZZVrmra5hMEsthcz7ze8MFjj5Bh22BhHrRPyxIuuauwaImzhHmACxDkvwBlqaLRiU9Jc4mENwHMaJ0fo-_LE5KcvfuIdLZHhl55mRuCquaKNX1UOzc5Nx_oli2W7i3Z5OG8ET0y6SbMIsE4SeIpJIBQcg5G-ADyUs96RFOrvBe_qMYrBEU0hfnBeneAdUmFz6p9VGrppnRke14gDmMEv-xrT1okjdIG7f-t7ETn6S6fRSwqaQYTdA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 100687125
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame D8C7 3 KB
1 KB 77ms
62ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2021.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:22:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 917
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:22:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D8C7 120 KB
37 KB 199ms
122ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:38:11 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame D8C7 15 KB
6 KB 67ms
61ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0e7c44952ddcc2591ef2fc3ef2b99fc6623fa8a02e8f4c04957362695f91dcf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 19:48:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2990
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6374
x-xss-protection: 0
server: cafe
etag: 12872279909177429123
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 19:48:21 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame D8C7 0
0 83ms
50ms Image
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqdrMvD-Krn_UFRzLMu_Miw-CJksUwZhUiDCxp4t8OjC97oee0XdtDXZslRfcki0O05Tl-
Requested by: Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D8C7 22 KB
7 KB 69ms
62ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
URL: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43571
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 54 B
741 B 478ms
119ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.pua-unemployment-login.com&l1=5681&l2=pua-unemployment-login.com&l3=DE&l4=desktop&l5=5.742&cb=0.3598800444870527
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.742/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: cda446aa5202736d9e2cd7d2bc90bbd1f1bf5fa2f8555303a88c548095226220

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:38:11 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.pua-unemployment-login.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 54

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 00D7 0
0 174ms
93ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050501&jk=1215277759983589&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 366ms
97ms XHR
application/json 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1652215091128&sessionId=bd64d3ef-b4be-c710-3a2e-07f5a41b3c3b&url=www.pua-unemployment-login.com&cheqSource=1&cheqEvent=2&responseTime=720
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:38:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 526ff76600a44ee4a397a1d5aaa6d2bf
Content-Length: 4
Expires: 0

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
102 B 113ms
113ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136fecc534ef47839d9225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e4604289e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1908f77f6ba195157ae8dceb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f82daeba286e6e51a28f527e7eeae2b0436e88732c2b445e717150782590c81d0d4888fbc9227c32c90c6f5ae53df5f5b1aa35e64c693971d2780e827a855b69417c426f428441d53cb35ee5dd896fb7fbed73c925ca9cfcbcb69ce010478e84b5841694a31d0a064bb57dac19c2ba29273b29e21df89e5b27c82bfaa5b687398e258479bf9495c05b4b4b17ab678cfbb1fb0be3cb87dbc23d70fc61ebca920c41a2ef8ad9060233c650b36085d14b6fc8a6cd31eaa434e4735e5b749db84050ff8b8c3a7ba6cc080f8eed5eaa5e33f3a2ee755d4a4536f9f51204ac569596d7eb52eed304c80989e26d4248e7bdcb92689fa48cc671d6260107613d1&cb=1652215091127&cri=1hnNI4Ardq
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:11 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H3 200 6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js Show response
pagead2.googlesyndication.com/bg/ Frame D376 35 KB
13 KB 102ms
46ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1346
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13523
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:15:45 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1896 2 KB
1 KB 63ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt7sKd_uCAA8AEOf5PTQhMqek5hxQZg&u=%7CfepHkZK%2FpFgV8bj7qL49NWEtCtDgjivPY9rr8qEJAEA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA5hKUJQuFTAInZcCRQkTLkE4J6vEvHU9Z66Ych32zk29Vyr1WcBNyIFgZQX6Z33kPQi-aMYI70jQkKdyEv2of7a0Lb8BVO_A2a6nGsE3ajn1zC2wGiGZO_xPPqFJNpaPqL6_qzW2PuVbt3oEKu_pxUh8hOp0n5JBLMdXtutPSX3ev8aqKFGDQW4dfduBJiXstbhkP8ki9B8rWP-7krxTWRJtBCyApnwV9FJkOR5M_pktDaY56tpXV6vxXnLCdmsMHxdq6liloze5jUXqaWCIltSdnINuJ8zqgZkxLBPs-mOY6y1ff0OZj4jt7Fwq5SKjZa04rMcU3_blpKYPQXucP5W7jXfpJznzcwug-HhnrmgW8Xz8ks4mj4RPkbnKubDNj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw5NvMs16YrvvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSNAk_QnKKEd4w5m-0zppyYIhuQqLHVxRVykPj8Dn_VjswIIhBceFpCKiFNvr8AbZXC4hQlCE0nJ9gXmQ4IUKzW91wd9bAV-gbGFwKffu1FnkuNQQkJmlGHABpOQjPf9PRGHl7157lALz8GzSF4HkutEM4TVW--M_XV1D3a1nyZohvvqgmsQUbhj9utOhgT6Tjfw6gNecxKD5kiMeHPym__6YwBszkn3iWu10U5Gfh5BupxFQJM_32sPdjtvl5tdfjcsHIFy5yu8HaVOtica3RLBiiYKCoDqxLHt7NCv4Xsyyna40bZJEY5DOqsPObWUorUBGKk-H5afRzzl6w3wzbzCaVGr5xJpfK92rOfG5OQ4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WglmhtbbqemDaB-kady06wiQl_g%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1896 2 KB
1 KB 65ms
27ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1896 308 B
636 B 44ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 1896 507 B
836 B 39ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 1896 0
689 B 251ms
152ms Image
text/plain 2600:9000:2127:2e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215090
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt7sKd_uCAA8AEOf5PTQhMqek5hxQZg&u=%7CfepHkZK%2FpFgV8bj7qL49NWEtCtDgjivPY9rr8qEJAEA%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA5hKUJQuFTAInZcCRQkTLkE4J6vEvHU9Z66Ych32zk29Vyr1WcBNyIFgZQX6Z33kPQi-aMYI70jQkKdyEv2of7a0Lb8BVO_A2a6nGsE3ajn1zC2wGiGZO_xPPqFJNpaPqL6_qzW2PuVbt3oEKu_pxUh8hOp0n5JBLMdXtutPSX3ev8aqKFGDQW4dfduBJiXstbhkP8ki9B8rWP-7krxTWRJtBCyApnwV9FJkOR5M_pktDaY56tpXV6vxXnLCdmsMHxdq6liloze5jUXqaWCIltSdnINuJ8zqgZkxLBPs-mOY6y1ff0OZj4jt7Fwq5SKjZa04rMcU3_blpKYPQXucP5W7jXfpJznzcwug-HhnrmgW8Xz8ks4mj4RPkbnKubDNj&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCw5NvMs16YrvvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSNAk_QnKKEd4w5m-0zppyYIhuQqLHVxRVykPj8Dn_VjswIIhBceFpCKiFNvr8AbZXC4hQlCE0nJ9gXmQ4IUKzW91wd9bAV-gbGFwKffu1FnkuNQQkJmlGHABpOQjPf9PRGHl7157lALz8GzSF4HkutEM4TVW--M_XV1D3a1nyZohvvqgmsQUbhj9utOhgT6Tjfw6gNecxKD5kiMeHPym__6YwBszkn3iWu10U5Gfh5BupxFQJM_32sPdjtvl5tdfjcsHIFy5yu8HaVOtica3RLBiiYKCoDqxLHt7NCv4Xsyyna40bZJEY5DOqsPObWUorUBGKk-H5afRzzl6w3wzbzCaVGr5xJpfK92rOfG5OQ4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3WglmhtbbqemDaB-kady06wiQl_g%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:11 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: lvsNtmdoj8x_olHYKcz73jEBjB2yGxsT5eWckqXZOTFt80HFrHfZUw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 1896 43 B
348 B 79ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=AaFEEueY1lTfXKpfqTBHIEZqRfTasdLFoNy1OXk6JzY-MjmG1zRndMiiLbji2uQA0aZIUR62KfvLM0JbSbRr2ZRSG5LSsH4OQLBbkzC8jEkTHJO-iVgsFn51Gaahj5FZ5trG53jeoKvqDI57_046tLhSFVOvyGXFptbQVb2Fl4jtt5Eknh6dDSDuDVTtZEy6kH1EjKYDqcut6x4knUFAJ4Hh9I8roSnNjQ0f6wIcR-UtWHWQ4cmbQAE-bzEYGChlxQlHERfjozstA4_qUu5Ubfgq7dVnfstomSybmM4i0ZldHnazQWOYn8v08aLnrrdIpqxm3XcFm6IptkzyOkyLGpEsc0LnUxj9zzNyjsjqIqDRQcXqWav0rGsU2h5rjGj6CedFeFiwsLNOvEyGiKfNrwNJawjRZBDXatfrWoQ34mfsGDjb9gx5nNRSNPZGijU9bHHzZQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:11 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3141539
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0435 2 KB
1 KB 47ms
28ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt70Kd_uCAA8AEDePGr5mKN7Grkj1zw&u=%7CfepHkZK%2FpFgTKnu8JnUYMBNU6p2fv%2B608LFDCyKeDI4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh21D9JdyWuQMCX56wCQsogyPQPgBoDpX_43yXC8yuS4MS7XNyFDnLM0E79k0ha_hLehdw0eqCGU_Ma33rgoT33Yws5q9i9sXP3ezNn-O1_ZJPl8g5ZPmE6zkV_fMU4djgn_A_nywIZpZRBSiTChdUQu7CFrS8_0PPwCdWHkRhGgzcWtnp2yflon-An6nL3qOdS9c3tSmhcp3UKE6un9pWgRU5-fmxbEmp47KUz1UlKoxTJIOunj66eBoEgD5CczhCpDZa_4OsTTA9aBVaOMmbHXhEa1fuLmVl7ILSgdEQEsZmEEhOjxW2CEdEPRB8EpDYK6AT3ZjHILBjvBZvC_r6X6JyU6f9D509dTH5JtaVq9DRvC82rGTtxsbl9wo3cEEH8Cy7oD1Dvb4IlSUd0WezA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX489Ms16Yr3vAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSIAk_QLk6Hu-sGgyQksoKvneittzdsXeCYvARo3LXrLMqwfmKOlLGA5mm1x-NtOFZq0fy2oWAhInUefbE5t8zwkaSPJzGP5xMwWAxpjdo1etXXJ5GDJi2-8gblgJueC-iBWyXlBh-OCU8NDWtEx9Du_4-MY3vOOzvWpwcnhbCxHMAvio5sEka5_WH1qb21ncmfxzzKUR_Thuu8XNjA1LYYPrMIvKD1ZXXhHCnDsoxsriG8oSZM73avUNBQ0ibjFkoVddgHAP-coCm1lRNpkTisJo2weoSuHR1IKddQwzdoU2tm8Q6eZneXnIrCVeyhQmNZFued2QJqwaMI66ThdVo85SMNDWl6j00U4uAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CQR9pI4aUofppY4sjtwTGqToijw%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0435 2 KB
1 KB 44ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0435 308 B
636 B 44ms
37ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 0435 507 B
835 B 34ms
27ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 0435 0
690 B 240ms
150ms Image
text/plain 2600:9000:2127:2e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215090
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt70Kd_uCAA8AEDePGr5mKN7Grkj1zw&u=%7CfepHkZK%2FpFgTKnu8JnUYMBNU6p2fv%2B608LFDCyKeDI4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh21D9JdyWuQMCX56wCQsogyPQPgBoDpX_43yXC8yuS4MS7XNyFDnLM0E79k0ha_hLehdw0eqCGU_Ma33rgoT33Yws5q9i9sXP3ezNn-O1_ZJPl8g5ZPmE6zkV_fMU4djgn_A_nywIZpZRBSiTChdUQu7CFrS8_0PPwCdWHkRhGgzcWtnp2yflon-An6nL3qOdS9c3tSmhcp3UKE6un9pWgRU5-fmxbEmp47KUz1UlKoxTJIOunj66eBoEgD5CczhCpDZa_4OsTTA9aBVaOMmbHXhEa1fuLmVl7ILSgdEQEsZmEEhOjxW2CEdEPRB8EpDYK6AT3ZjHILBjvBZvC_r6X6JyU6f9D509dTH5JtaVq9DRvC82rGTtxsbl9wo3cEEH8Cy7oD1Dvb4IlSUd0WezA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCX489Ms16Yr3vAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSIAk_QLk6Hu-sGgyQksoKvneittzdsXeCYvARo3LXrLMqwfmKOlLGA5mm1x-NtOFZq0fy2oWAhInUefbE5t8zwkaSPJzGP5xMwWAxpjdo1etXXJ5GDJi2-8gblgJueC-iBWyXlBh-OCU8NDWtEx9Du_4-MY3vOOzvWpwcnhbCxHMAvio5sEka5_WH1qb21ncmfxzzKUR_Thuu8XNjA1LYYPrMIvKD1ZXXhHCnDsoxsriG8oSZM73avUNBQ0ibjFkoVddgHAP-coCm1lRNpkTisJo2weoSuHR1IKddQwzdoU2tm8Q6eZneXnIrCVeyhQmNZFued2QJqwaMI66ThdVo85SMNDWl6j00U4uAEAYAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIBwiI4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_3CQR9pI4aUofppY4sjtwTGqToijw%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:11 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: MklVCYVs2ajCkuugT_j2vZZwyNHQaJvuj7PfyerGTpDsqOA4eCY9Zw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 0435 43 B
347 B 74ms
20ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=9tH15zACq-ghFkGvPg4D7jpfanoWloPPOZQmcdFBwfrZvyGH7zRAPbDcAMzqw8sFEhO8VnrwSpxNQxWeFXr8Yec6Z9vWMef4-INDt_AclHw5JBiY5kMkay_o6Lo959u24zDzNJ5DqpJF5tQ_kbfGYC_pdbyNBXQKmBSPn6vxtG_a5tA4d7Mx3lXfznS6yWfbLOT84pMoDuurMH8nnHDMD5oicYXqiMYZmAFNdz9nubHxx-skazHAwRQ-PzYNMTuNmK-nEe6lEpgL1Je6q18urHXZQYLFIRfSOy933WGwK9NhZb7xyuIkAGoVB_yHLImfbWirrL1UOF4uzgHtRu4ojE1iiCLQW4KYFKv_vsJmsZMvvlu3dh3Kx35X80tXdZXbeAAZTPwzdaE3wim-7v4ACFrPWqVrt3th5KZ3_lFzaogSCMapSC9vXDkZq-X1zlyDaLrKUA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:10 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4479151
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9516 2 KB
1 KB 35ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt8AKd_uCAA8AEOy0BCc5dYQUOPbcyg&u=%7CfepHkZK%2FpFjXYB6PJUxmEWHEM1tKeYesdP5xUll6YNs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-BiSE6tqOp4TSEGrMttvKWR2xZSKfKxYicO6SEunw7VO4tXnpGsP0QDYcFK_dTw8VZm8_DfBDIv5miJYGGFFMmDIvb3GF73JmfJu-QMCMT5My0zT1jCWGI5hpW2P3sQzWyLLW-2SHdC9WQstSOcFardtdJmEdIwFC-2KSJi3sJo88mEAyOcdP25_7BU3t9GLkWupO1BLs55g1pI9RaSh1wdqdU6rjyAPHP0nFt8KGp3BPV9h4M3ydYcXvxum2X2BKroO7qIVsLJyHPQqK-Kq_JgKYsmrDnGcg1eWEUkWpii74mjHsfAvmIkKx3FJUkzUkW2Zb62iMWt9rY7ExpkLQHIwcaCThoosqHD-JoWhgwxqbYO5GkVZQlntZ6D9cVT8HxyjzK5qTpby50&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR8rsMs16YsDvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSHAk_QAHPnIGLwB7stWRiS_JXmTd9wbOwRMo379WmG1IvMv4Wquu3khv2Ij3JTDM0CaphhjNmPDzFBGG0YIBwMaru2IPBHIPtScfeVZzx1_jKCB7XkBoZb0v02H3bCgxjFDbpMdVk5yIBUjk0NHslB5WIs4XItfozprbFt8_trwaQrfSdBEbkwIwmTtOA1W_WN39IK-FCgcE9JC2Axd81_upEvujFiWD6-HB-GJkIoT7zqi9cEhKo4vSj_vWQ9l4izxuu16deoz6PoS97sWPNTO-ol3hLl2O_-Pe9f_dc03RnDR6NCJd4SqQ0SG91sO_fDCTZpX6WLC7o8aYQQjzit-9cwjN5mgEno4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-InZwIGDjM0Xo66lL3wdx0TCCgQ%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9516 2 KB
1 KB 46ms
38ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9516 308 B
636 B 29ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 9516 507 B
835 B 21ms
14ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 9516 0
689 B 193ms
151ms Image
text/plain 2600:9000:2127:2e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215090
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrNMgAAt8AKd_uCAA8AEOy0BCc5dYQUOPbcyg&u=%7CfepHkZK%2FpFjXYB6PJUxmEWHEM1tKeYesdP5xUll6YNs%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-BiSE6tqOp4TSEGrMttvKWR2xZSKfKxYicO6SEunw7VO4tXnpGsP0QDYcFK_dTw8VZm8_DfBDIv5miJYGGFFMmDIvb3GF73JmfJu-QMCMT5My0zT1jCWGI5hpW2P3sQzWyLLW-2SHdC9WQstSOcFardtdJmEdIwFC-2KSJi3sJo88mEAyOcdP25_7BU3t9GLkWupO1BLs55g1pI9RaSh1wdqdU6rjyAPHP0nFt8KGp3BPV9h4M3ydYcXvxum2X2BKroO7qIVsLJyHPQqK-Kq_JgKYsmrDnGcg1eWEUkWpii74mjHsfAvmIkKx3FJUkzUkW2Zb62iMWt9rY7ExpkLQHIwcaCThoosqHD-JoWhgwxqbYO5GkVZQlntZ6D9cVT8HxyjzK5qTpby50&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCR8rsMs16YsDvAoL33wOQgLzoCcme0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzAxMTk1ODgzNDQxMDg5MaAB1bbS6gPIAQmpAtUvGiFmq7E-4AIAqAMBqgSHAk_QAHPnIGLwB7stWRiS_JXmTd9wbOwRMo379WmG1IvMv4Wquu3khv2Ij3JTDM0CaphhjNmPDzFBGG0YIBwMaru2IPBHIPtScfeVZzx1_jKCB7XkBoZb0v02H3bCgxjFDbpMdVk5yIBUjk0NHslB5WIs4XItfozprbFt8_trwaQrfSdBEbkwIwmTtOA1W_WN39IK-FCgcE9JC2Axd81_upEvujFiWD6-HB-GJkIoT7zqi9cEhKo4vSj_vWQ9l4izxuu16deoz6PoS97sWPNTO-ol3hLl2O_-Pe9f_dc03RnDR6NCJd4SqQ0SG91sO_fDCTZpX6WLC7o8aYQQjzit-9cwjN5mgEno4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-InZwIGDjM0Xo66lL3wdx0TCCgQ%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:2e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:11 GMT
via: 1.1 1f7383179aa19c47a962c46236696426.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: PRG50-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: k8k_Go9jAI7iz7Axo5vDtwJH5R1DHTiNPncA7n8uFuWjRQdDNqHncw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 9516 43 B
347 B 23ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=z66F3uFtwMx5BkCzaq8HKeJFXfM6QOYD9bL2xXJMZgnG9kK7_MHV0abipD-Sh8FEO7vOjW1epNJziEXD03-geP0_aCXS-FDT0LEooykaxwWxKXw2Q9XPb0M1MBz45Ml_G03qaKTS0k004VbUdSX_2oNi4VgHebpmvo2p6s8gvfYeqiqCGpedLy27gxhJweKSVf_PamIhWs2qft8-IGx1y8V5sift4FOZh0HoWf-YoC79uJimwmhrSZxW7rEjjPAY_iuFzaEAthuPJUBN0DzmW6vAR-vpxcu7D-PBcYQoCzO-3MVnwmLyDEDogux_XOaRgueYv2Ny2ZWyYgWUsSdDSaqbGACKxpVmejS-q6uxcD_5hxMPAJXNKA_lZwpmX5DflYexoclgXwl30LVaSnWkIBRJm164pPPopiqk-4B0nG6xkQYdVqaDIfbzXrELSRFf7kgkFw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:10 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3654279
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 378ms
378ms Image
image/svg+xml 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1651391295.775433"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 09 Jun 2022 20:38:11 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 380ms
90ms Fetch
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=abbd05a85ebe4a21d53bba5b794ae86a_122703_1652215091136&tm=1067&eT=0&widgetWidth=324&widgetHeight=33&widgetX=1055&widgetY=899&wRV=2000718&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=2&rtt=338&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
X-TraceId: bb0bcbed02c8d061d976c7fd4492e6b2
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000718/module/ 37 KB
14 KB 829ms
820ms Script
application/x-javascript 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f8aadd68eb9c6abebf719b41cefb6466283be19d3154c9e51f38f0bac1bb7b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:12 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 08:06:56 GMT
server: AkamaiNetStorage
etag: "33b936cbf673d430f7f9f967c3a4310d:1652176804.781598"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13600
expires: Wed, 11 May 2022 00:38:12 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 12 KB
12 KB 628ms
625ms Image
image/svg+xml 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "65df986ae65cffdf92a926e7c42a25a8:1651391311.776385"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 12268
expires: Thu, 09 Jun 2022 20:38:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9516 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 9516 7 KB
7 KB 67ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=Ztz4HcK_1CUe8izFWU-TMUXT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29752617
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7142
expires: Thu, 20 Apr 2023 05:15:08 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9516 0
128 B 55ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=sOJlTHDPO5gxJOppSZZVrmra5hMEsthcz7ze8MFjj5Bh22BhHrRPyxIuuauwaImzhHmACxDkvwBlqaLRiU9Jc4mENwHMaJ0fo-_LE5KcvfuIdLZHhl55mRuCquaKNX1UOzc5Nx_oli2W7i3Z5OG8ET0y6SbMIsE4SeIpJIBQcg5G-ADyUs96RFOrvBe_qMYrBEU0hfnBeneAdUmFz6p9VGrppnRke14gDmMEv-xrT1okjdIG7f-t7ETn6S6fRSwqaQYTdA&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:38:10 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9516 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9516 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0435 12 KB
6 KB 25ms
24ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0435 18 KB
18 KB 27ms
26ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=92&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=668&s=3CwdcZl-q6SWR4YUWkbhny5_

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

63fcc9fc6cf4e04b4c3190ae61fbdd2540d37d73ea1d665a4ffd6d7324847a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30975371
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 18609
expires: Thu, 04 May 2023 08:54:23 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0435 0
127 B 17ms
16ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=TRNhNXDPO5gxJOppIBNGBNs4nRf-Fixs5j39y2PoOaFSm-5UzGz4MscKhzrZKvS3lLWHkikX5thn7AUbwJuDaYEkfer5vCkAxTVdtiYTyN_HQay10MVvDmFkXBrhZc9ZJ7QofqslE0X9S51DLaT9RasSG7Y9H5qdZWzemmBXkt0EztoVUSCishCgsceMPrHFGfr4GO6d4ocx_WYqOAHv25umwu5tcUqf84C-k6bgZ2Y-CLyZGwUXsFXspGiq5cupjnyTuw&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:38:11 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0435 2 KB
1 KB 16ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0435 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1896 12 KB
6 KB 28ms
28ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 16 KB
16 KB 23ms
21ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=Zk9aru4pz-PUGTTqcowN_1ro

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:10 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29752617
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16600
expires: Thu, 20 Apr 2023 05:15:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 3 KB
3 KB 24ms
22ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoABF-Pharmazie-GmbH-Co-KG-276589DE-2112061114.gif%3Feb%3D1&v=3&w=800&s=vJeTBViTBA0akNWov1NPb446&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

511dfce7c1f8030304d0d886e6f4a408a84e76c4a8ca8a1ca1a3414dcaf54dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2385440
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2770
expires: Tue, 07 Jun 2022 11:15:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 2 KB
2 KB 25ms
23ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoStepStone-GmbH-148733DE.gif%3Feb%3D1&v=3&w=800&s=3Z7pKamwHk51W_XnQuTU03dr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2229706
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1770
expires: Sun, 05 Jun 2022 15:59:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 1 KB
2 KB 26ms
24ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoIlle-Papier-Service-GmbH-280332DE-2111180848.gif%3Feb%3D1&v=3&w=800&s=74XW6ztms1yLBuCIA2_W-hQs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d5ea9fcb2a448ba0c621ea95e22d27827e79c5aabee99a0ccea258665e5f40a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1473060
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1450
expires: Fri, 27 May 2022 21:49:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 2 KB
2 KB 25ms
24ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoN26-GmbH-146811DE-1911011235.gif%3Feb%3D1&v=3&w=800&s=ik_kNo_qNX-VFHXIJxj3_yti&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7df4cb1633e792be6111befe4599578305e9c781180a6969dff468d0ed52a2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2232
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 2 KB
2 KB 30ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2Flogodrivetech-Fahrversuch-GmbH-171567DE.gif%3Feb%3D1&v=3&w=800&s=1GTJgbcAiVvY7_ggstT1IrP4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=845372
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1538
expires: Fri, 20 May 2022 15:27:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 5 KB
5 KB 28ms
28ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoZenJob-GmbH-Extern-253922DE-2011231050.gif%3Feb%3D1&v=3&w=800&s=yNtVSyMvGQ7vNe6i3CJi6U6k&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4833
expires: Tue, 10 May 2022 20:38:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 1 KB
1 KB 29ms
28ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=800&s=kazlmmYaf1I4CAPjpV7VMXGz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=152405
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1100
expires: Thu, 12 May 2022 14:58:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1896 2 KB
3 KB 29ms
28ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoAmprio-GmbH-201935DE-2106231706.gif%3Feb%3D1&v=3&w=800&s=HokYZuKMzPY0PkFyJnXtNULS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=996018
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Sun, 22 May 2022 09:18:30 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1896 0
127 B 15ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=BtnA_HDPO5gxJOpp_GW-7TkmXqSzxuX-TqGtRNMNz5r4dHYFu8AzcQD7RjCudQtM4kyYF8lmkEixv8iqWjEiQJogoHg-BXGEecb7z0Rnid_xzahshyuHD5H6oa-nu6prUwTpp-eN344rkuILfWLWSR6Uwb3b5tJaFYtY2ttpe0NJu-V7lgcCTzAARMxeu7XH5L8JGKxm8X7-zRsh3F4E-7n3k3e2x8CPHVNRGE82djI6N92Zh7N-fyeVQcPVjAsTTHNCtw&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:38:10 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1896 2 KB
1 KB 20ms
18ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1896 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:38:11 GMT

GET
DATA 200
OK truncated
/ Frame 5486 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d51c21d4759ad4700ca04e820ce6c223f0d2b9f72ee708ae76ebe03b49cd3a0f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 91ms
90ms Fetch
application/json 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=abbd05a85ebe4a21d53bba5b794ae86a&pvId=abbd05a85ebe4a21d53bba5b794ae86a&sid=8537982&pid=122703&idx=0&wId=834&pad=0&org=0&tm=1475&eT=3&cnsnt=no_consent&wRV=2000718&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:38:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 745c75b11ba12f5955ff861ae52d80a4
Content-Length: 4
Expires: 0

GET
DATA 200
OK truncated
/ Frame 67B6 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25bc4235e4deb9252540b4239704584c044c773ebeed2123a4d30a714ce16cab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame D8C7 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2c483be5a67b2c3a037e79b5fdf7697eca7c3c968089e462e62467e5bc90270d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D376 0
9 B 40ms
40ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?uoE_wA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:11 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 17 KB
6 KB 327ms
307ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%27.get_permalink().%27&settings=true&recs=true&widgetJSId=GS_6&key=NANOWDGT01&version=2000718&apv=false&sig=KAbFiRUt&format=html&rand=53630&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YWJiZDA1YTg1ZWJlNGEyMWQ1M2JiYTViNzk0YWU4NmE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11520-0&layeredTestInfo=11520-0-&clss=dQeiSr%2BX4YFdtgsMGsd%2F2JWQW0ED1%2FI0JVTq169J7FSw8ytM%2BqZ65VP%2Bb3h1fKIgaXCsH%2Ft5qCGiByPR&dpr=1&cw=324&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: de614cf8f926b1cd2dd51a6382d8f71e972737dcbf3d792a67baae067eceb1ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:12 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1652215092.281135,VS0,VE289
accept-ranges: bytes
x-served-by: cache-lga21934-LGA, cache-hhn4037-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 7c9c82677cd8c5df6326b75a9f3da75a
content-encoding: gzip
content-length: 6183
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5486 42 B
64 B 162ms
80ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvnk0derfft4WOO5kwRM3Q36yxtfpNcKRZH72JXC8Lb0-eWUOzH_ualM2EJmo69AdAxQI2urHiYaq4TtFuL_uHD&sig=Cg0ArKJSzLVk3UprH9QiEAE&id=lidar2&mcvt=1000&p=485,1052,765,1388&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=574321577&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652215090720&rpt=547&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D8C7 42 B
64 B 75ms
73ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstuW6FoMUFD8vQtBT9Jtqe_MO9_hbTkd1ZJJEAaVwpuD-XrUGw4xHPvbvA_6wE_Kjzs8BDvxrZGiUYfaPkMb9NX&sig=Cg0ArKJSzJOrCjVTYgbqEAE&id=lidar2&mcvt=1000&p=1079,436,1169,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=201602981&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652215090736&rpt=787&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000718/module/ 503 B
812 B 293ms
290ms Script
application/x-javascript 69.192.161.85
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000718/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.192.161.85 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a69-192-161-85.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e442afceada3ad856d11b90bcc9ccfa5ee84182e6fa2125e5656ab00221f3f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:12 GMT
last-modified: Tue, 10 May 2022 08:06:56 GMT
server: AkamaiNetStorage
etag: "d26ce1388f9514ff5e64d329df699a87:1652176799.408778"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Wed, 11 May 2022 00:38:12 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 90ms
90ms Fetch
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=a2c2c2cfe7505cdedb0a928d96e1cc52_122703_1652215092526&tm=2356&eT=0&widgetWidth=324&widgetHeight=342&widgetX=1055&widgetY=944&wRV=2000718&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=344&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:38:12 GMT
content-encoding: gzip
X-TraceId: cbbc137e3384997b2957e681cfbfcc8a
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjFlNGM4ZjNiNTUwNTgwYTZjMjg3NjM5N2ZmMDc4YzBmOGRkYWUwNWE5MTY4ZmQ1MTM4NzM5Y2U2MWU4Mzc5YWUiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjaCI6NDk0NTk1NTU1LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 28 KB
28 KB 120ms
16ms Image
image/webp 184.87.213.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjFlNGM4ZjNiNTUwNTgwYTZjMjg3NjM5N2ZmMDc4YzBmOGRkYWUwNWE5MTY4ZmQ1MTM4NzM5Y2U2MWU4Mzc5YWUiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjaCI6NDk0NTk1NTU1LCJjcyI6MCwiZiI6NH0.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.205 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 8eb16c0eab583526e5aceef87b6fdd3f9d7074a1902bc09a9c7492fbd07c8117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:12 GMT
cache-control: max-age=341779
last-modified: Mon, 11 Apr 2022 16:29:17 GMT
x-traceid: 77ca6604dbb008f5bcc82d3038a05539
timing-allow-origin: *
content-length: 28502
content-type: image/webp

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 17 KB
6 KB 336ms
335ms Script
text/javascript 151.101.114.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%27.get_permalink().%27&settings=true&recs=true&widgetJSId=GS_6&key=NANOWDGT01&version=2000718&apv=false&sig=KAbFiRUt&format=html&rand=93628&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=YWJiZDA1YTg1ZWJlNGEyMWQ1M2JiYTViNzk0YWU4NmE=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=1&fAB=11520-0&layeredTestInfo=11520-0-&clss=dQeiSr%2BX4YFdtgsMGsd%2F2JWQW0ED1%2FI0JVTq169J7FSw8ytM%2BqZ65VP%2Bb3h1fKIgaXCsH%2Ft5qCGiByPR&dpr=1&cw=324&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3a692146c9ec2f7e2498ab908170143e0a6dc3bcc7d95f52d69e87d75f11898a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:12 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, HHN, Europe1
x-timer: S1652215093.625104,VS0,VE325
accept-ranges: bytes
x-served-by: cache-lga21962-LGA, cache-hhn4037-HHN
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 285916d2ae0992b9fe89780a3130515d
content-encoding: gzip
content-length: 6037
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 89ms
89ms Fetch
application/json 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=a2c2c2cfe7505cdedb0a928d96e1cc52&pvId=abbd05a85ebe4a21d53bba5b794ae86a&sid=8537982&pid=122703&idx=1&wId=1515&pad=1&org=0&tm=2378&eT=3&cnsnt=no_consent&wRV=2000718&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:38:12 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: b5c046bb999bd8648c30d3788244986c
Content-Length: 4
Expires: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 83ms
82ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050501&jk=1215277759983589&bg=!8_Cl8LTNAAZX5TVhd-U7ACkAdvg8WmQ95t2ZL0VairFy1rZwoyimZRIsKlo8kWLKCGCZaodMvPM5eQIAAAF4UgAAAAJoAQcKAEgu8IDO-NKVlsYQP59T10-qtWbMg1SUxdVSED4YgB8K8UZfQl5S6r1zqN8ydwzenWf9528A2ckY5vUddw_Cgpn2sBrXmYUU0k2ZArcOEa1vue6S2kiNAJIg_X8SKf8ZO2MCoZ9bbeGsvWBwfmE7kz0jyYMKcR8wouafr4QzedLh_zDUarkM4odekj5j6LqtuXRApeoPNezkAEZTaq4s1igl3X78wno-OcHqVqUMv4nL8_aZNCcnsKqIUyP6DchJEreUXoW3e3hHXpiHwrYH4EnADzImBQ1QDe3cUr_b8RovyL604TGutT9XQTXn7rT6csluB2DNjXB2MHQAHgMetltlpJNZa22hZb4o8W_cvDPVHkXdb6_4RYxniLCYn-PUzNgogodpmJg_rtaZ7owj5syyzPYhXOFjq0ydUuUYCau364GGuzvX0NGnEDHDqygFl7aJ_9ShAjkvy57kZ0w7iyG4Nb1UChmNNj1_FEypyn-ZvKKLN0y4IXJ2y-SPGT91gxcDUwIEybaG8ykYmiodSvBxmypxabb6rxTt3N8gn22j2ZW3VX9q-nQhT45YmtIyOYLO8jgYYWNkRTL0tKGRLxFSft_L1MXEGvr90gBFKCRLuZshLJBPHtYRv_qutv2R-IzICgeBf0yQrgZ9hG-cbiIrYN9aaON0n0kOfH1rwDkl0__dIG8OgD15OpTaVQTPpgJk96SgXLe4r5ekSfp2AW1yZ6kE39r62RBQ31_u7326FuuibxK3nPh8YvQ2LZdFqtBnU0LWEXFsOCgtIF_bj9httWcMuu53ZugfP2uXJ4i4Q-eZNLvGQqHIajLCxEVWs8UrVrXeWRUZlkBYXokCHMYlsSI3mzSH4veR1RQM2953wLaq4opriKkyqP0oriuyIwZkrt47PxLdSW4k1Z0EGbKS_jIA9GSdVGXoWBnyjiWKnFs33gvBpRx9sdlWRxVIDHmka6V0ZfZAa4bXKSMvpPaLBcZJ9j_HvyM8y5vj1O7TyFUqsXqYhOL7E4ATz5waxpfxnA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 9516 0
127 B 15ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:38:12 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 0435 0
127 B 16ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:38:12 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 96ms
95ms Fetch
text/plain 70.42.32.255
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=b2f0d92d153cd0ceca17435667728200_122703_1652215092897&tm=2718&eT=0&widgetWidth=324&widgetHeight=342&widgetX=1055&widgetY=1309&wRV=2000718&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=339&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.255 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:38:13 GMT
content-encoding: gzip
X-TraceId: ac70bda5a73c7c678c002fb9868ca00d
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjM4YzA0MzI1MjBhZDhlMWYzYjk1MGZiNmQxZWUwMWZkMDNjODUyMWU3OGQwZDk5YWI1NTYwYTRkZGVlZDE4NzkiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjaCI6LTc0ODUzOTAxMCwiY3MiOjAsImYiOjR9.webp
images.outbrainimg.com/transform/v3/ 37 KB
37 KB 105ms
104ms Image
image/webp 184.87.213.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjM4YzA0MzI1MjBhZDhlMWYzYjk1MGZiNmQxZWUwMWZkMDNjODUyMWU3OGQwZDk5YWI1NTYwYTRkZGVlZDE4NzkiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjaCI6LTc0ODUzOTAxMCwiY3MiOjAsImYiOjR9.webp
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.87.213.205 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-87-213-205.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 1433a78f995a93c74107ebf6adc7685a87f554caea911ac4501d55f7047bfdf3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:38:13 GMT
cache-control: max-age=2366681
last-modified: Fri, 06 May 2022 08:18:19 GMT
x-traceid: 985b8d653f2ac147077ea3e75e64bf9e
timing-allow-origin: *
content-length: 37422
content-type: image/webp

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
242 B 274ms
58ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=1&wv-hit=928493339&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&rn=1069126227&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652215093%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510203813%3Au%3A1652215090588838768%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215093&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:13 GMT
last-modified: Tue, 10-May-2022 20:38:13 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:38:13 GMT

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
76 B 57ms
56ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=1&wv-hit=928493339&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&rn=560628198&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1652215094%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510203813%3Au%3A1652215090588838768%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215094&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:13 GMT
last-modified: Tue, 10-May-2022 20:38:13 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:38:13 GMT

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
145 B 56ms
55ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=2&wv-hit=928493339&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fflorida&rn=447600777&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652215094%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510203814%3Au%3A1652215090588838768%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215094&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:38:14 GMT
last-modified: Tue, 10-May-2022 20:38:14 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:38:14 GMT

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

22 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pua-unemployment-login.com/	1970-01-20 20:28:07	Name: _ga_2X191KKTRE Value: GS1.1.1652215089.1.0.1652215089.0
.pua-unemployment-login.com/	1970-01-20 20:28:07	Name: _ga Value: GA1.1.1707897100.1652215090
.yandex.ru/	1970-01-20 11:42:31	Name: yandexuid Value: 2842818891652215089
.yandex.ru/	1970-01-20 11:42:31	Name: yuidss Value: 2842818891652215089
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 2334795821652215089
.yandex.ru/	1970-01-23 18:32:55	Name: i Value: WVgSgUJYCV1AghH4MjshEW01ysZXp8LbRuZf+Sq7rX70if0MJwX7TkI568xn+IXmy5qrex1FAwNJwJ8Ocdl+7tv+wcE=
.yandex.ru/	1970-01-20 11:42:31	Name: ymex Value: 1683751089.yrts.1652215089#1683751089.yrtsi.1652215089
.pua-unemployment-login.com/	1970-01-20 11:42:31	Name: _ym_uid Value: 1652215090588838768
.pua-unemployment-login.com/	1970-01-20 11:42:31	Name: _ym_d Value: 1652215090
.mc.yandex.com/	1970-01-20 02:56:55	Name: sync_cookie_csrf Value: 266997477fake
.pua-unemployment-login.com/	1970-01-20 02:58:07	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 02:56:55	Name: sync_cookie_csrf Value: 2057276706fake
.yandex.com/	1970-01-20 11:42:31	Name: yandexuid Value: 2842818891652215089
.yandex.com/	1970-01-20 11:42:31	Name: yuidss Value: 2842818891652215089
.mc.yandex.com/	1970-01-20 02:58:21	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 771098581652215090
.yandex.com/	1970-01-23 18:32:55	Name: i Value: fC2uaQzeZnYdhqBDS9h5N3cyhFxKbooIh32N0sONccBzvL+/+X3ay+Ws3GCpCRwyIbmQ7Eq2QYPHVEd3RaVqZ7GAIwM=
.yandex.com/	1970-01-20 11:42:31	Name: ymex Value: 1683751090.yrts.1652215090#1683751090.yrtsi.1652215090
.pua-unemployment-login.com/	1970-01-20 02:56:56	Name: _ym_visorc Value: w
.pua-unemployment-login.com/	1970-01-20 12:18:31	Name: __gads Value: ID=e2768790c951de4c:T=1652215090:S=ALNI_MbmkNLNXHiZ0rGF5cno-Tro1sjq3A
.doubleclick.net/	1970-01-20 12:18:31	Name: IDE Value: AHWqTUlSCCpHjKGOSeUmxqjJwBpu2YA0-Ojv1wWbEu8qxT4UQBMEqam9IQxSXlFs-6Q
data.ad-score.com/	1970-01-21 22:46:01	Name: token Value: uyUdNYLXVlvgY-492t-SlWoFjwyJUpCl

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.pua-unemployment-login.com/florida Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

77cda2db21e0c819c58eb61bebbf6682.safeframe.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.nl.eu.criteo.com
cnt.trvdp.com
csm.eu.criteo.net
data.ad-score.com
go.trvdp.com
images.outbrainimg.com
log.outbrainimg.com
mc.yandex.com
mc.yandex.ru
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pagead2.googlesyndication.com
pix.eu.criteo.net
platform.foremedia.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.trvdp.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
static.criteo.net
stg.truvidplayer.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pua-unemployment-login.com
108.157.4.117
130.211.115.4
142.250.186.162
151.101.114.132
178.250.0.139
178.250.2.148
178.250.2.150
184.87.213.205
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:2127:2e00:1e:a43d:b640:93a1
2600:9000:214f:4e00:d:3c0f:bcc0:93a1
2600:9000:214f:e000:3:7e1c:5b40:93a1
2600:9000:2156:1000:1e:6a6f:9700:93a1
2a00:1450:4001:802::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:810::200e
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:830::2004
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
2a02:6b8::1:119
2a06:98c1:3121::a
65.9.63.90
69.192.161.85
70.42.32.255
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
04e1f5f3bcc04d296fa4bd24e268a974667ea40eaaeacd747b0865b4595d33ea
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09
0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e
10e0ca4258914d0fece7ea85c62fd7ae9bea1f48ad65b5dbb2a8251ebfdbc6df
1433a78f995a93c74107ebf6adc7685a87f554caea911ac4501d55f7047bfdf3
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
25bc4235e4deb9252540b4239704584c044c773ebeed2123a4d30a714ce16cab
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2c483be5a67b2c3a037e79b5fdf7697eca7c3c968089e462e62467e5bc90270d
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
3616341a626ff768304cda8ac64aca4a6552ee71d542f2f5db100605ec798548
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3a692146c9ec2f7e2498ab908170143e0a6dc3bcc7d95f52d69e87d75f11898a
4257ae7fef496cc1b81dd5e2fab57e8c938400c10b11566bf3a7fe41ff622f5b
46a0c74dcfb5f26ad8688225fa96e70beaf475fedbf60b3ac517c61dd7a8cb1f
4dc2627f9d1dc33a1762de36848752d4825c77a206438ba6fc1a024dbeb71749
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511dfce7c1f8030304d0d886e6f4a408a84e76c4a8ca8a1ca1a3414dcaf54dd2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5597b61e82a4030e5a234d5a233bc043991a0de5a47fd1ce14a61ea583883dba
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
5cf372abec335b270ff49f4bab91ce6cfc9d2d31971ccc1564720ac375f2827d
5e781551b26f8fdaaa828b555b92cf515e8a481a92ea4f544c25a982e7b9f75b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
63fcc9fc6cf4e04b4c3190ae61fbdd2540d37d73ea1d665a4ffd6d7324847a04
738c90266cb79db53607744bffa92fc9af82018bb1d72f147bdb30355b51f91b
73a9eaebd1e51360e20a453fd080f7dc7ce220eb009c50c3337b41cf1b0db975
7dea77fe7efb84accbd9d2b484b170d923b462b09c97bd0a6e1c3a598a9e585f
7df4cb1633e792be6111befe4599578305e9c781180a6969dff468d0ed52a2e2
807d88ecc70a2cc1190dcd8e5f797138310a11e36f89f12bb4d71dda8cce0eec
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8eb16c0eab583526e5aceef87b6fdd3f9d7074a1902bc09a9c7492fbd07c8117
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
930eb3f887b0f657812c12b21e1648e6955384adedca8aacab2855ed1d0b1acb
93fbf26c7da3d17b1d602ee05d91d63af89666e1c7df99fa9ea7656973102c9d
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
9d3a4411f186523148f4e4703a96f2259ee672b7b6133abe7953f243f571d7a2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
b0f5a0cc806846ed2f58fbb2740c4c7ef9ad190e401368493c1442b7dcc9eecd
b4ae55eaf1a6ad0b0e57074a1699c9024be2fcff537128e887ca3b8db516d489
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9b69a3dd2271ada2d50dfe7bfaea402e8ae9d830cd245e34fac2437ca33158d
babb18965e9ca0d1953890df5b83fd4d714854b55e5af46dbec4bf768ab534c6
bb88d2cbfcf713d2506dd8ebc0d757b48b1e8ba2de0e67d0950f4e563d753f7e
bc7efc48e5c37e8d392a52637dbdacc1b81c7ba29c8f10cd5a0ddb3cdd3fb180
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
c0e7c44952ddcc2591ef2fc3ef2b99fc6623fa8a02e8f4c04957362695f91dcf
c0f8876521f81784f02c89c3d8ed451c53e60d3b8e6a1937ff5e2c5838fe6e37
c4c85ed7df11b6e808802baa56fe5f5d4edf3fa3fa4b141a0907e41be4b7be79
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cccceafbf83aec903f0974b23f6c94fac56cebb332adc6d7fb48f4d957ff6329
cda446aa5202736d9e2cd7d2bc90bbd1f1bf5fa2f8555303a88c548095226220
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0
d4f24797ac4621646a35e5e688a697b8595cdcb186317372d3bc70c490bd6c73
d51c21d4759ad4700ca04e820ce6c223f0d2b9f72ee708ae76ebe03b49cd3a0f
d5ea9fcb2a448ba0c621ea95e22d27827e79c5aabee99a0ccea258665e5f40a2
d637341e9d6d89752d08ae604391544a79e884fcb68c56a617c700b906555b7c
da524ab3b63b0729cef49c40106e10fe0f23483c0a761355cbbb7ee3742ccc28
daafcea2be239153d008ee199e76693625d34e974bacea85cf393dda0f8da096
dbe6a6b5b64bf6ea1a25fd5aa7c736f971111fa066ba856cde47432d02dc263b
de614cf8f926b1cd2dd51a6382d8f71e972737dcbf3d792a67baae067eceb1ff
df174ce03e6a22ad812e3301fa1cb4c94bb1c8fc36690e4077a958c4446eabb4
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40143e736f525cb284279c368de9f5a44ab9278dba7911c1157d5ec0ba0a810
e442afceada3ad856d11b90bcc9ccfa5ee84182e6fa2125e5656ab00221f3f20
e467b8cb04f6f34bd50fa7f2f15a21d229f4403a8b88b25456219689377819ce
e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753
e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2
ea39e3754988e70a1f25540adc5c1fe719e14a6e872ae1c281749029fe16dfb4
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
eb493a6b8a417aa33b098f8c0c34376509a6d7032b4f66351133c8325f84189c
ecb02060fbb2cd5a6affe0d185aca6d9227a2c2fc53cd7b5be44ca9b95f2cec5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57
f0537251b74236262947b8ab7e87900b1a00006b3fbab7f2dffebb660498ec4a
f16d8326116bc400f710c0fb751e4c151e84607f53dbc6ef0d7763a874998f3f
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f63c6de989281851ed59dfa1c06a7eecd4ab37f89453a7dd89150a2e1b8be469
f8aadd68eb9c6abebf719b41cefb6466283be19d3154c9e51f38f0bac1bb7b82

www.pua-unemployment-login.com Open in urlscan Pro 2a06:98c1:3121::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

152 Requests

98 %HTTPS

63 %IPv6

20 Domains

37 Subdomains

31 IPs

5 Countries

1586 kBTransfer

4081 kBSize

22 Cookies

5 Outgoing links

Redirected requests

152 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.pua-unemployment-login.com Open in urlscan Pro
2a06:98c1:3121::a Public Scan

Screenshot
Live screenshot

Full Image

152
Requests

98 %
HTTPS

63 %
IPv6

20
Domains

37
Subdomains

31
IPs

5
Countries

1586 kB
Transfer

4081 kB
Size

22
Cookies

152 HTTP transactions
4 data transactions