urlscan.io logo urlscan.io
SecurityTrails logo

ordsearch.net Open in urlscan Pro
45.120.69.32  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://ordsearch.net/
Effective URL: https://ordsearch.net/
Submission: On November 17 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 4 countries across 14 domains to perform 101 HTTP transactions. The main IP is 45.120.69.32, located in Korea, Republic Of and belongs to LGDACOM LG DACOM Corporation, KR. The main domain is ordsearch.net.
TLS certificate: Issued by R3 on November 17th 2023. Valid for: 3 months.
This is the only time ordsearch.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 19 45.120.69.32 3786 (LGDACOM L...)
2 2a00:1450:400... 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 9 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2001:4860:480... 15169 (GOOGLE)
1 2a02:2638:3::12 44788 (ASN-CRITE...)
21 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
10 2a02:2638:3::3 44788 (ASN-CRITE...)
1 178.250.1.6 44788 (ASN-CRITE...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a02:2638:3::10 44788 (ASN-CRITE...)
1 2a02:2638:3::1a 44788 (ASN-CRITE...)
7 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 142.250.185.226 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
101 22
19    45.120.69.32 (Korea, Republic Of)

ASN3786 (LGDACOM LG DACOM Corporation, KR)
ordsearch.net
2    2a00:1450:4001:808::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
9    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
9    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
1    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
21    2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
10    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
1    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
8    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
1    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
7    2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
www.googleadservices.com
1    2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
360 KB
19 criteo.net
static.criteo.net — Cisco Umbrella Rank: 668
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986
csm.eu.criteo.net — Cisco Umbrella Rank: 10557
77 KB
19 ordsearch.net
ordsearch.net
899 KB
9 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
83 KB
7 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
128 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
region1.google-analytics.com — Cisco Umbrella Rank: 2462
21 KB
3 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 10450
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925
53 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 145
2 gstatic.com
www.gstatic.com
fonts.gstatic.com
49 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
128 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
2 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
148 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
5 KB
101 14
Domain Requested by
21 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
19 ordsearch.net 1 redirects ordsearch.net
10 static.criteo.net ads.eu.criteo.com
cdnjs.cloudflare.com
static.criteo.net
9 googleads.g.doubleclick.net 1 redirects pagead2.googlesyndication.com
googleads.g.doubleclick.net
ordsearch.net
9 pagead2.googlesyndication.com ordsearch.net
pagead2.googlesyndication.com
googleads.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
8 imageproxy.eu.criteo.net ads.eu.criteo.com
7 cdn.ampproject.org googleads.g.doubleclick.net
pagead2.googlesyndication.com
2 www.googleadservices.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 fonts.googleapis.com ordsearch.net
googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 www.googletagmanager.com ordsearch.net
www.googletagmanager.com
1 www.google.com tpc.googlesyndication.com
1 fonts.gstatic.com fonts.googleapis.com
1 www.gstatic.com googleads.g.doubleclick.net
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 csm.eu.criteo.net ads.eu.criteo.com
1 cdnjs.cloudflare.com ads.eu.criteo.com
1 cat.nl3.eu.criteo.com ads.eu.criteo.com
1 ads.eu.criteo.com googleads.g.doubleclick.net
101 21

This site contains links to these domains. Also see Links.

Domain
gall.dcinside.com
cafe.naver.com
weingchicken.com
Subject Issuer Validity Valid
ordsearch.net
R3		 2023-11-17 -
2024-02-15		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-29 -
2023-12-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-09 -
2024-01-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-30 -
2023-12-25		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-10-17 -
2024-01-18		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-23 -
2024-01-15		 3 months crt.sh

This page contains 11 frames:

Primary Page: https://ordsearch.net/
Frame ID: EF1BB0BA58081221A222B799C4BC19D1
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: 07DABC5500A318704EEDE5C4E134FDE1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&adk=1812271804&adf=3025194257&lmt=1700238216&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fordsearch.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238215138&bpp=1043&bdt=274&idt=1252&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=351463963094&frm=20&pv=2&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1271
Frame ID: 6DA69CE2F455FFD68AB9B8EC1C0CE936
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Frame ID: B3D83332E23450F9B1FA4A40273F5FBD
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Frame ID: 3585DB3C06111F7DF67DAAD0E8DBB84B
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Frame ID: 14DEE87ECCF133D2AC8FCE84E3373C19
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1290008269&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216261&bpp=5&bdt=1397&idt=167&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183%2C338x280&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=169
Frame ID: 98B2E6DFD645519BAA841B1394034B96
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Frame ID: CF635A58B5AE40F92DDD4FEDFA506A39
Requests: 22 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Frame ID: 47DAC09201C3DF795A9FB2981A2A39ED
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 69B1049B520E952E606687AF548E4B7C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 709B280AB01C5895C79A3283BD015492
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

원랜디 캐릭터 검색기

Page URL History Show full URLs

  1. http://ordsearch.net/ HTTP 301
    https://ordsearch.net/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js

Page Statistics

101
Requests

99 %
HTTPS

86 %
IPv6

14
Domains

21
Subdomains

22
IPs

4
Countries

1955 kB
Transfer

3768 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://ordsearch.net/ HTTP 301
    https://ordsearch.net/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 91
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CbrmFiJNXZdOPHNTM1fAP1KCHiAuzx7CjbvL5-OGJD9rZHhABIJz6oyNglbKpgrAHoAGumIqiAsgBCakCCmX3rhg1sj6oAwHIA8sEqgTJAU_QY3IKkifRVlzvgHSj6WvGtNsGoIezxLuZLgE0gSNwWXYslVuBTOW5IKJ5D5psoqhpTX-EkfLHNkNr-EErhQo_efTWevehooNhD34cH8BPLUka51bA8mT7mnrrm-TV2rLNMCKMkoyhHhSIyRYQyUAJzOhZcGqWvs-VY_s3TbKbekcPn5rkReqOXmXNQY6QgZkGjAyf22XZ5hVGB21rgwALt4wqKUQeR1zrwGRNq4BxjqTWrFaBpUlzTCG06Y8olCZlFzv47BmmT8AE2c-_mogDiAWT-vmMKJIFBAgEGAGSBQQIBRgEoAYugAe65_XdAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKWcCtIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCSBodHRwczovL3hjcmFmdC5uZXQvcmVnaXN0cmF0aW9uL4AKAcgLAaIMGCoWChTktLEC7rWxArW4sQLktLEC7rWxAtgTDIgUAdAVAYAXAbIXHAoaCAASFHB1Yi01MzE0MTUzNTg1NDQyNTY4GAA&sigh=e-4OCUX9Dgo&uach_m=[UACH]&ase=2&nis=4&cid=CAQSTgDICaaN47GGj9HV5FEgU-DXtZ3oqSYiDqIkCYZRwAQCaP8I0LUKVQfWNL0prEjYrjwWFaftJaUQuRnyybqUS_pP2AT6aRcyvTBVcNpHrhgB&template_id=5000&cbvp=2&vis=1 HTTP 302
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228584578537697636954%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222268995242282621361%22}&andc=true

101 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ordsearch.net/
Redirect Chain
  • http://ordsearch.net/
  • https://ordsearch.net/
63 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
d7d42f3f4deadc172b2c3a69892c9118e85d2efd79d320c039e68f5cd671f3f9
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache, private
Connection
keep-alive
Content-Encoding
gzip
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
Content-Type
text/html; charset=UTF-8
Date
Fri, 17 Nov 2023 16:23:34 GMT
Server
nginx/1.18.0 (Ubuntu)
Transfer-Encoding
chunked
X-Content-Type-Options
nosniff
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com

Redirect headers

Connection
keep-alive
Content-Length
178
Content-Type
text/html
Date
Fri, 17 Nov 2023 16:23:33 GMT
Location
https://ordsearch.net/
Server
nginx/1.18.0 (Ubuntu)
js
www.googletagmanager.com/gtag/ 		186 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-125017129-2
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc318b2befb4333a8c1fbe3f0600f8e5c616102c0bf4ab059765d12cc688cf0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:34 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
68662
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 17 Nov 2023 16:23:34 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		157 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
97d63570628247761590d93f90d03cd2026268739e732f21c4c8dd0edb28a453
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:35 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53403
x-xss-protection
0
server
cafe
etag
15201842247284314235
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 16:23:35 GMT
app.css
ordsearch.net/css/ 		221 KB
221 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/css/app.css?id=d4db628e3d1350a184eb
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
f8cca6df4bf116a6e247a170e1f05dbf6cc7422ecc2436cf9fca754f9a2491e4
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:34 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Sep 2022 22:34:25 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"632b9171-373b5"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
226229
jquery.orgchart.min.css
ordsearch.net/css/ 		7 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/css/jquery.orgchart.min.css
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e542ffaba224bb5ff33c14d8991269d9134502718a866b97c1c44bbfa5c655d8
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:35 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Aug 2022 16:29:50 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"630e3afe-1a07"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6663
main-logo.png
ordsearch.net/images/ 		8 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ordsearch.net/images/main-logo.png
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ecf163cc9423cf0b9a1b1ef7e76fe5087cb15707fff5c4cad2d6959fdbe32159
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:35 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Tue, 30 Aug 2022 16:29:50 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"630e3afe-219e"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
8606
110.png
ordsearch.net/storage/images/units/ord/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ordsearch.net/storage/images/units/ord/110.png?id=20230307004216
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
29e8243cd2442d92694ddb0e6daf538c77585f4a23bae4412c6e3d4a1184b1dc
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:35 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Oct 2023 12:44:40 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"651c0cb8-7cff"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31999
211.png
ordsearch.net/storage/images/units/ord/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ordsearch.net/storage/images/units/ord/211.png?id=20230903012740
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
faf417554ec51c079733b822714bd4b7e9e77244c70cbf32f45eb637f9bd4cdf
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Oct 2023 12:44:40 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"651c0cb8-7bc5"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
31685
257.png
ordsearch.net/storage/images/units/ord/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ordsearch.net/storage/images/units/ord/257.png?id=20230903011634
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
67c8bc20804324b597ade2ffc30837a05cd6d36b3d5f7cb1946f039ee1d1265b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Oct 2023 12:44:40 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"651c0cb8-723a"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29242
326.png
ordsearch.net/storage/images/units/ord/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ordsearch.net/storage/images/units/ord/326.png?id=20230903011146
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ce583499029038aae14c8522e0ba11c316906d21c3eec82d4a5c647818fb9a9b
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Oct 2023 12:44:41 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"651c0cb9-701b"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
28699
206.png
ordsearch.net/storage/images/units/ord/ 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ordsearch.net/storage/images/units/ord/206.png?id=20230903010955
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
813fc078afbbf5216012f8c8de6b9ac5685394999e4de08835d9195c99f119fd
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Oct 2023 12:44:40 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"651c0cb8-861c"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
34332
134.png
ordsearch.net/storage/images/units/ord/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ordsearch.net/storage/images/units/ord/134.png?id=20230903010532
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
5a23bf4040151842ed482bb8d63486fb91c2c00c91132fe11b2ff55c6456a0d1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:37 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Tue, 03 Oct 2023 12:44:40 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"651c0cb8-7ddb"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32219
app.js
ordsearch.net/js/ 		262 KB
262 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/js/app.js?id=10d16cc9f49605051cbe
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
df292625cd5f9b0db9759c9f9e3241b44583b68efcff4f5185ca855dad03638a
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:35 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Sep 2022 22:31:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"632b90ba-416bb"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
267963
clipboard.js
ordsearch.net/js/lib/ 		26 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/js/lib/clipboard.js?id=908af414ab0d3801dc9e
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
ba5f78267d0c04e8a31aebd7860c7fd7fc236891cddd477a4c7fdc19a0eb176e
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Sep 2022 22:31:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"632b90ba-68b7"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26807
save.js
ordsearch.net/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/js/save.js?id=e23d9dd638c3b6212cbc
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
acc865fc9fec09d376a8592d451828ab56208f52d0a6159f3f36f68213dfb954
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Thu, 17 Nov 2022 16:53:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63766702-940"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2368
quiz.js
ordsearch.net/js/ 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/js/quiz.js?id=6ae4bf2c7b34ea516caa
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
768581e447e950f5fb07a322b58bd1b1d7abe14cf624e85e73e5340f63ef94b1
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Mon, 14 Nov 2022 14:08:45 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63724bed-810"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2064
home.js
ordsearch.net/js/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/js/home.js?id=982453c15f8796134d82
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
14d490997906adfae9f6adce34c4677b2418f30da9b0fe54a65f92d16f476cc0
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Sun, 08 Jan 2023 17:08:27 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"63baf88b-bef"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
application/javascript; charset=utf-8
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3055
js
www.googletagmanager.com/gtag/ 		228 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-KT6BFGNQ1Q&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125017129-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0da5727b35fe0fecaed597a6b52ad36229c11dbc388b0543fc09d332693b6fd2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
81910
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 17 Nov 2023 16:23:36 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-125017129-2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 17 Nov 2023 15:49:41 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2035
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 17 Nov 2023 17:49:41 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 		397 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b786479a0c0a6f1000f22f66049ebfb5b183f1571aa26ad4b54b3a3eb9abbb3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
137189
x-xss-protection
0
server
cafe
etag
217014917179472930
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 16:23:36 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame 07DA 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordsearch.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31407
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 07:40:08 GMT
etag
16674218716276178799
expires
Fri, 01 Dec 2023 07:40:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
css
fonts.googleapis.com/ 		2 KB
959 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Nunito
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/css/app.css?id=d4db628e3d1350a184eb
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
39b752928c723222cf1a05d1a77a7f64ce5a8f055f3d1052ad03a2f2d6370265
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 16:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:27:11 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 16:23:36 GMT
webfa-solid-900.woff2
ordsearch.net/fonts/vendor/@fortawesome/fontawesome-free/ 		76 KB
77 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/fonts/vendor/@fortawesome/fontawesome-free/webfa-solid-900.woff2?d824df7eb2e268626a2dd9a6a741ac4e
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/css/app.css?id=d4db628e3d1350a184eb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

Referer
https://ordsearch.net/css/app.css?id=d4db628e3d1350a184eb
Origin
https://ordsearch.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Sep 2022 22:31:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"632b90ba-131bc"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
78268
webfa-regular-400.woff2
ordsearch.net/fonts/vendor/@fortawesome/fontawesome-free/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/fonts/vendor/@fortawesome/fontawesome-free/webfa-regular-400.woff2?b91d376b8d7646d671cd820950d5f7f1
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/css/app.css?id=d4db628e3d1350a184eb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

Referer
https://ordsearch.net/css/app.css?id=d4db628e3d1350a184eb
Origin
https://ordsearch.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Sep 2022 22:31:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"632b90ba-33a8"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
13224
webfa-brands-400.woff2
ordsearch.net/fonts/vendor/@fortawesome/fontawesome-free/ 		75 KB
75 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://ordsearch.net/fonts/vendor/@fortawesome/fontawesome-free/webfa-brands-400.woff2?ed311c7a0ade9a75bb3ebf5a7670f31d
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/css/app.css?id=d4db628e3d1350a184eb
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
45.120.69.32 , Korea, Republic Of, ASN3786 (LGDACOM LG DACOM Corporation, KR),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Request headers

Referer
https://ordsearch.net/css/app.css?id=d4db628e3d1350a184eb
Origin
https://ordsearch.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date
Fri, 17 Nov 2023 16:23:36 GMT
Content-Security-Policy
frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options
nosniff
Last-Modified
Wed, 21 Sep 2022 22:31:22 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"632b90ba-12bc0"
X-Frame-Options
allow-from https://weingchicken.tistory.com https://weingchicken.com
Content-Type
application/octet-stream
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
76736
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KT6BFGNQ1Q&gtm=45je3b81v9134565178&_p=1700238214881&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1776261028.1700238216&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EAAI&_s=1&sid=1700238216&sct=1&seg=0&dl=https%3A%2F%2Fordsearch.net%2F&dt=%EC%9B%90%EB%9E%9C%EB%94%94%20%EC%BA%90%EB%A6%AD%ED%84%B0%20%EA%B2%80%EC%83%89%EA%B8%B0&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=3733
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT6BFGNQ1Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 16:23:36 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ordsearch.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
204 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=387362815&t=pageview&_s=1&dl=https%3A%2F%2Fordsearch.net%2F&ul=en-us&de=UTF-8&dt=%EC%9B%90%EB%9E%9C%EB%94%94%20%EC%BA%90%EB%A6%AD%ED%84%B0%20%EA%B2%80%EC%83%89%EA%B8%B0&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1890601421&gjid=854000298&cid=1776261028.1700238216&tid=UA-125017129-2&_gid=196920336.1700238216&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&jsscut=1&z=1693466966
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://ordsearch.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 16:23:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ordsearch.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 6DA6 		16 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&adk=1812271804&adf=3025194257&lmt=1700238216&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=212x810_l%7C212x810_r&format=0x0&url=https%3A%2F%2Fordsearch.net%2F&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~5&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238215138&bpp=1043&bdt=274&idt=1252&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=351463963094&frm=20&pv=2&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=1271
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aa3c8f56d38285c8a807052b690c85996fbb2a1d7b144cafd6a15e56e189ff6f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordsearch.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
1416
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:23:36 GMT
expires
Fri, 17 Nov 2023 16:23:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame B3D8 		130 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b182877b652dc3e02f6739af842311b0e6a315a693661a32e7060d44761c50ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordsearch.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
42603
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:23:37 GMT
expires
Fri, 17 Nov 2023 16:23:37 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3585 		36 KB
15 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
961581102560267c2eef54ff4f2ece4e06b5cc0caf5cc2937b8944d4853b7039
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordsearch.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
14707
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:23:36 GMT
expires
Fri, 17 Nov 2023 16:23:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 14DE 		133 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
af1d171265b23f5a8718fee1dd56af4d91b99573e93b6b43da9f2d6e93d7d61f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordsearch.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-expose-headers
x-google-amp-ad-validated-version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
20040
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:23:36 GMT
expires
Fri, 17 Nov 2023 16:23:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 98B2 		722 B
530 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1290008269&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216261&bpp=5&bdt=1397&idt=167&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183%2C338x280&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=1956&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=2&fsb=1&dtd=169
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5ba9fb0f8c9827576314dd8513560e0f82c0e5640a874e16510af54305aea22a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordsearch.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
358
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:23:36 GMT
expires
Fri, 17 Nov 2023 16:23:36 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
afr.php
ads.eu.criteo.com/delivery/r/ Frame CF63 		163 KB
53 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
725c9df5667afb9dc3535263b5b8febdc731022d4dd01563ae746963494c5b08
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:23:35 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=29hYl6OJI-quKiX6_vtCFjHxsyqsuGHCvlPNZy3Nj-zaN2SxV67JwNL6Cot39aKHoYoHB2xIRS_7g850wC6nqHR79POlwOxakJktKi2fBtMSoUEebwsO40XCm04xb8iEoQ7EfpbULQ5Iwn4zbgo4chOcOKr6AIZ0Xicyn4iOFwZzfZZkPVVSeCpuLxT7c5IWZFbW9O5VtXiAYAT-3tEtpuHC1GevAGFrwbxPGvHqe4DT77Mvz10xTG50DWYVD0brnrBeuQ"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
65685132
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3585 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 11:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
19359
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 11:00:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame 3585 		20 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
61598
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame 3585 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 16:23:36 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame CF63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Nov 2024 16:23:36 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame CF63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Nov 2024 16:23:36 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame CF63 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Mon, 11 Nov 2024 16:23:36 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame CF63 		293 B
622 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Mon, 11 Nov 2024 16:23:36 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame CF63 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=3PrW_hiS2CFxMGBZS-Ik8zpbHBo6ZgfCc8164_WpNsLnBAXp_yraK0q8bEqoXYcZf6ezvMEY-UGDpD5sH3COr30jmjMOaIcUi2z7g3HouuRffaVo-UWBzYyhYZ7B2wpdG4FT9N_lgbhqJ026-9hsYVqcm2DW2aJet2vW0vW_tD-FYM0dAT69fvCO4EffURkDd0JU1SsFlo5UQ4NAoDevwRPoP_5jMjyGrTJ-xj9IGgaywQGbmM5qh-RPaCfdmEIBGLbty3ciQzE2qShD9_pPO2RhWhq2tA6IF3FSKxv8ayr26L97S5Bon8tvqEAIfThHRTxG0sAOxaFUcJAIcRsse49Cj7yINtQ5W1L4b-v4RDB4CI2MPBigYRS0ESi4t1FPs4gvRbkymYr28ObloClU2WX3sycvJtdjX8U5aX6CZWUQ4FtfA-6UMMi9kyHTckCugrlDWQ
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1750715
expires
Mon, 26 Jul 1997 05:00:00 GMT
truncated
/ Frame 3585 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7595efdbbabb8d268d7f3855d51cae99f8370f481742d2de190901ef410c04b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CF63 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
481381
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wH9NkjeFc27phOgr%2BpT3mG2ZydUFMUTNdYn3wEKAaZv5lmR40JK9LlrN7zyZ%2FiDVDKv7Wtih3NOEh5o9MJ1IL25Mwst1PHMnLDXeMu%2BYLJURt7uwxl7pjNpvb18IR%2B4SwL2mMePqhvackeGll0lnly%2Bp"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
827951b838074d25-FRA
expires
Wed, 06 Nov 2024 16:23:37 GMT
animejs.js
static.criteo.net/animejs/ Frame CF63 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Nov 2024 16:23:36 GMT
img
imageproxy.eu.criteo.net/img/ Frame CF63 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=362&m=0&partner=19906&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F19906%2F190812%2F319a2d5469c04e068839667ed003cd32_logo4.png&v=3&w=196&rid=4&s=nH1afKVXDYNNxoxwCbZxCc6q
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3499c40fb2a828918f50d4d4b1daa09d3b3470a48033136ec99afd3300df608
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
7882
expires
Sun, 03 Nov 2024 05:28:17 GMT
img
imageproxy.eu.criteo.net/img/ Frame CF63 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F12126311_2-202108130002.jpg&v=3&w=400&rid=4&s=L0oDTP2b8TwjcfDgCxE3O9qC&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0c659c2351251346d80951411cf3e8704b382d17b990f900212543f96faaa44d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3134
expires
Tue, 05 Nov 2024 03:33:20 GMT
img
imageproxy.eu.criteo.net/img/ Frame CF63 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F13345971_5-202006180919.jpg&v=3&w=400&rid=4&s=gGiLed_x9-o4zvD2DeeA87-J&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
8b0729c39a1048f859d3dc08ab52a723c829235cd4b7d255e13f0588250f460a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
8902
expires
Sun, 03 Nov 2024 08:27:01 GMT
img
imageproxy.eu.criteo.net/img/ Frame CF63 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F19906%2Fbadgeupdate.png&v=3&w=400&rid=4&s=sFPYPwb7keL_Ew6_IWjCVNv_
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/png
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
4547
expires
Thu, 07 Nov 2024 09:55:04 GMT
img
imageproxy.eu.criteo.net/img/ Frame CF63 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F25405448_11-202001152239.jpg&v=3&w=400&rid=4&s=PkbKdIBWqB9W54Mb8PQdfVE7&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
414b8e48407d8b3afaf6b9e83c470a7670762ed45591f2b15c9ee2577b56b900
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
2680
expires
Sat, 02 Nov 2024 15:26:28 GMT
img
imageproxy.eu.criteo.net/img/ Frame CF63 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F11524767_2-202110061234.jpg&v=3&w=400&rid=4&s=OVZiaA2ZC7eUuoB5li5x_PwJ&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
431097f4f934bdc8ae8ea0d5d33a07573e22cf31f50e02499a1b12b98be7c4a2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
9592
expires
Sat, 26 Oct 2024 05:01:44 GMT
img
imageproxy.eu.criteo.net/img/ Frame CF63 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F40840685_2-202310091239.jpg&v=3&w=400&rid=4&s=Z01IJN70vJPBN2PC3JAUPV16&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
06d192d9224c1e41a76a3c27e4802144f9d3387a23433071f543fc71ad31fe8d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
2892
expires
Wed, 06 Nov 2024 12:52:18 GMT
img
imageproxy.eu.criteo.net/img/ Frame CF63 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=19906&q=80&r=0&u=https%3A%2F%2Fmedia.hoeffner.de%2Fmedias%2Fzoom%2F23407005_2-202101222236.jpg&v=3&w=400&rid=4&s=AooNwJOP2pZ24f7PVX4Q4IQ-&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
f5b0588c84deaf8c686a053db33a151517e75b4e19f9f10d227c5c18ed127eb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
6086
expires
Sun, 03 Nov 2024 05:03:36 GMT
all
csm.eu.criteo.net/ Frame CF63 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=29hYl6OJI-quKiX6_vtCFjHxsyqsuGHCvlPNZy3Nj-zaN2SxV67JwNL6Cot39aKHoYoHB2xIRS_7g850wC6nqHR79POlwOxakJktKi2fBtMSoUEebwsO40XCm04xb8iEoQ7EfpbULQ5Iwn4zbgo4chOcOKr6AIZ0Xicyn4iOFwZzfZZkPVVSeCpuLxT7c5IWZFbW9O5VtXiAYAT-3tEtpuHC1GevAGFrwbxPGvHqe4DT77Mvz10xTG50DWYVD0brnrBeuQ&sds=2&rev=89278&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Fri, 17 Nov 2023 16:23:36 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CF63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Nov 2024 16:23:37 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame CF63 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&u=%7CsT35VEh3YT2e15Ox%2BZZ7nLwSU3BRI%2By%2Bmw6tlz1MJT0%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC867Tishc1WfBCxqb_88_v6ThvBqPS0wnBX5T3i1aT1XXXbkHL2CtqIYLaD_W-MmTbQjnK6ocGszg8nXeZvJYQMhKDcc2ktv8j1rp_izWnaB6wZlK0LhAAq4tn3GBnAObVXjWswjpJ1i7ndKtYcoH6FM6vlVG225cTeEfhw_-LVAOcME8ee0f7Qe07SHQ15KGgaaWtwcksdVSwXMxD9ksSAdTLF5V_Hfk9DzdnaZLqjFNZa9mVSPDLjOYxJmw7EX-Ia6nN-loGXWtDN-nCn36F0rBStHDVMowBY4rfavTLeXYHaXmeZ5IhEWmH4TMBQZ2hCMvEmh958twCiaSFldQ-YY5-hlK7qlFxA9E9yOnAlHYsxQXOzsENKcJyDBto5xjqTQny2kIkknN5xQwi2mLFvMkVERDeWf4TaUhD2uosnwXIwkbCtegqxHgkQsvMIRAmfiVP9Q9RZfjst24t0kSvS89n8g8mrSvk39y_RMCsOPCQwaUC3JYfDUKy55jcib2wV9z0DPSMnlTd0ez3mYUmcDTAHrWBadjc3u-Cac4uDoYWM4zxEZLEMukgsXWICQi-eg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCKqnSiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTJAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadxwVIy-qGDUwiYwUgONodmkgatNdql-ztLqfaQlnVls4n1qrCjiEnnYDYAG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOvoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3gRmVk0uyXuDNiNdR1i3rr9Tvdjg%26client%3Dca-pub-5314153585442568%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Nov 2024 16:23:37 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310301456000/ Frame 14DE 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-v0.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 02:37:57 GMT
age
49540
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56081
x-xss-protection
0
server
sffe
etag
"6a17d296884b026a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 02:37:57 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 14DE 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 05:14:53 GMT
age
299324
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5225
x-xss-protection
0
server
sffe
etag
"0b7142e00666043e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 05:14:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 14DE 		95 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-analytics-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 03:53:12 GMT
age
45025
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29077
x-xss-protection
0
server
sffe
etag
"7b1f1965b6cd6fda"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 03:53:12 GMT
amp-animation-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 14DE 		72 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-animation-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Tue, 14 Nov 2023 05:00:42 GMT
age
300175
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16661
x-xss-protection
0
server
sffe
etag
"6d0f8508d14b183a"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Wed, 13 Nov 2024 05:00:42 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 14DE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-fit-text-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Fri, 17 Nov 2023 01:14:32 GMT
age
54545
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1911
x-xss-protection
0
server
sffe
etag
"5b0a82507b260c6e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Sat, 16 Nov 2024 01:14:32 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310301456000/v0/ Frame 14DE 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/v0/amp-form-0.1.mjs
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 16 Nov 2023 14:54:32 GMT
age
91745
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12952
x-xss-protection
0
server
sffe
etag
"9817e561a46c70fa"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Nov 2024 14:54:32 GMT
ko.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 14DE 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/ko.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 19:15:06 GMT
x-content-type-options
nosniff
server
cafe
age
76110
etag
17534803318082699211
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2552
x-xss-protection
0
expires
Fri, 17 Nov 2023 19:15:06 GMT
icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 14DE 		344 B
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/abg/icon.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 12:49:12 GMT
x-content-type-options
nosniff
server
cafe
age
12864
etag
6766994032117382215
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
344
x-xss-protection
0
expires
Sat, 18 Nov 2023 12:49:12 GMT
truncated
/ Frame 14DE 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dc5f05c666ac177f0bf70d6057ba7c5be9d739e2bb3d5fac7c72c7ad8cc814f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
img1.jpg
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		35 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/img1.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b7071d42204bf69dcd3fcb6844a8cf29532c6856e65fc5137b0047e667869208
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:33:25 GMT
x-content-type-options
nosniff
age
388212
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35464
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Nov 2024 04:33:25 GMT
img2.jpg
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/img2.jpg
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e7d3a6b96adc18601896d50359fb589c001b0e7cfda8229c92c8a32383a5d69b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:04:27 GMT
x-content-type-options
nosniff
age
155950
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15726
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 14 Nov 2024 21:04:27 GMT
logo.png
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/logo.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4452bc4d16309455982365fbe44c9294333c29dc89a7d69d6e7ac9ea92ffafb8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 08:49:33 GMT
x-content-type-options
nosniff
age
372844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2215
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Nov 2024 08:49:33 GMT
txt1.png
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/txt1.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1598c57200d136aad7124f838118170d41a2d58d261bca325d05222cd96ed4c9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 04:03:35 GMT
x-content-type-options
nosniff
age
390002
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1825
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Nov 2024 04:03:35 GMT
txt2.png
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/txt2.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e409280b06086a0d40c127dcaa3a1227c25a2da51c68b53f1b457e518869bd46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:03:10 GMT
x-content-type-options
nosniff
age
58827
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2940
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 16 Nov 2024 00:03:10 GMT
txt3.png
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/txt3.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a339ffe9fa95c79db056d169f2ad3be875ffb8971ac11da082ea6d7ee750b8cd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:17:16 GMT
x-content-type-options
nosniff
age
61581
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6276
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Nov 2024 23:17:16 GMT
abspann.png
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/abspann.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1db2a90e6e3782834b6f20c298acd4ea7bac24eafe07b457c0f58e2130f442ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:40:42 GMT
x-content-type-options
nosniff
age
240175
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5305
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Nov 2024 21:40:42 GMT
cta.png
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/cta.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
064669bfdbd4021060280b2b9d5ae75554cf7d00c37ff7cd5b67eb9fe86401b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Mon, 13 Nov 2023 08:49:33 GMT
x-content-type-options
nosniff
age
372844
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1607
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 12 Nov 2024 08:49:33 GMT
claim.png
tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/ Frame 14DE 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/sadbundle/16437125425476019664/Vaillant-DE-B2B-BesserImTeam-PersoenlicheUnterstuetzung-300x250-DCM/img/claim.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f2b99e0ac804013dc7370410a8653c4f42082e990c1000809eb9a9aea52d2c97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:17:16 GMT
x-content-type-options
nosniff
age
61581
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1718
x-xss-protection
0
last-modified
Mon, 28 Aug 2023 08:29:35 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 15 Nov 2024 23:17:16 GMT
opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame CF63 		2 KB
899 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Nov 2024 16:23:37 GMT
opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame CF63 		2 KB
900 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:05 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f079-9fe"
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Nov 2024 16:23:37 GMT
opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame CF63 		16 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 08 Dec 2022 14:11:03 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"6391f077-4164"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Mon, 11 Nov 2024 16:23:37 GMT
amp4ads-host-v0.js
cdn.ampproject.org/rtv/012310301456000/ 		23 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310301456000/amp4ads-host-v0.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Thu, 16 Nov 2023 19:30:31 GMT
age
75186
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7813
x-xss-protection
0
server
sffe
etag
"1d4497e3d264bf30"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 15 Nov 2024 19:30:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 3585 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C6lmeiJNXZc-ZHOTF1fAPh-iwuALJntKxXJXJlPdwwI23ARABIABglbKpgrAHggEXY2EtcHViLTUzMTQxNTM1ODU0NDI1NjjIAQmpAgpl964YNbI-qAMByAMCqgTGAU_QmG6XpREbra2RNxCrBJc5r0c7uDXzTuKWCnkRFqkta378T-6DBqKrzF4ooOkL4F6ehblsjZZ0V-PVHLmhr939RVE-oYdYg5KohuWemszEY97vnJ_g3mwoJyoiZ494_h6DfyrSB4eVB3F-7YhWw4nzEMRVCZv3xed_mwfqE6ac6OOSUFlUaPUMIft1v0wNDR0GCI4NHl05vvlzwJKEadwyVq0sKPME_4DgddkBgTAAj4xHwKNQ1lBetZmDb-ZyzmXyZrzC-4AG-IXlwquL4LGCAaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCBQIgOGAEBABMgKqAjoCgEBIvf3BOoAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MzE0MTUzNTg1NDQyNTY4GAA&sigh=Xw-FQpMS1kM&uach_m=[UACH]&cid=CAQSTwDICaaNnuYKbzkfF7fujKk0h4Vdywur9I3DvHcmJSWDuUFNIBevn-cuJnZbbFa4Cs_gXpvirGwJ6ykdHr6xBinTytAMXLSJXvF0J35HchsYAQ&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 16:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 16:23:37 GMT
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 3585 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOz_GMz6RNwFtwGdg2ICAgAAAKbcY8B1ARI1EIiTV2VQjVmIRLlKl8GyAAASAAAKCkFRVURBUUVCQVE&wp=ZVeTiAAHDM8IFWLkAAw0B0sbXTUWT4GbCg_4uQ&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
149241
server
Kestrel
content-length
0
adview
googleads.g.doubleclick.net/pagead/ Frame 14DE 		0
23 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CK0mViJNXZZm2HP_J1fAPm66W4A6F9baZdNrKsICFEsDayIenPxABIJz6oyNglbKpgrAHoAHOw7L-A8gBCakCCmX3rhg1sj6oAwHIAwiqBM0BT9C-j0jBV8a_UEdmTEMnUTRlARw4NaoyRuCyCMqkVDnRb0VpHhb8hHemfZdB4sLhRxoXnOLHZ4TUGHvtpyVYVJck-QlgqITmCChNCxESuoMwQ69_w4U9TVE2X2di4bHOZavxNCWJgD2ECkHQ0iXyLpzyba06Zigl_mf8_EilmmdV0lHr1918f3sWWOmQDim0G78QxgbaP4CCDGRmoH8GM4ml-1SNjcMQ4OJQHvGQLXNTycjJiwIyWd-NqgwQjI6DdysfFooFtLgI4q3zh8AEleb0g7cEiAXZ9bqjTKAGLoAHmrzNAagH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEOyOBdIIFgiA4YAQEAEYHzICqgI6AoBASL39wTqaCUFodHRwOi8vd3d3LnZhaWxsYW50LmRlL2ZhY2hwYXJ0bmVybmV0L3VudGVyc3R1ZXR6dW5nLXBlcnNvZW5saWNoL4AKAcgLAaIMECoOCgzktLEC7rWxArW4sQLYEwOIFAHQFQGYFgGAFwGyFxwKGggAEhRwdWItNTMxNDE1MzU4NTQ0MjU2OBgA&sigh=fDjvJbymbsQ&uach_m=%5B%5D&ase=2&nis=5&cid=CAQSTwDICaaNm0Mm6Yvkx4Eh4pYEBgzxbBfOBYcUrf_oogqn_2OcVh7E62hMasa3TrSWERLVo5oCklYiEVikVNAwq1Se9rsb2igoI1zvOu9Ck24YAQ&template_id=419&cbvp=2
Requested by
Host: ordsearch.net
URL: https://ordsearch.net/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=280&slotname=4810566957&adk=2556134233&adf=1707200356&pi=t.ma~as.4810566957&w=338&fwrn=4&fwrnh=100&lmt=1700238216&rafmt=1&format=338x280&url=https%3A%2F%2Fordsearch.net%2F&ea=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216242&bpp=14&bdt=1378&idt=182&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1001&ady=844&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&fsb=1&dtd=184
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 16:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 16:23:37 GMT
css
fonts.googleapis.com/ Frame B3D8 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 17 Nov 2023 15:24:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 17 Nov 2023 16:23:37 GMT
load_preloaded_resource_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B3D8 		2 KB
822 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 15:51:29 GMT
content-encoding
br
x-content-type-options
nosniff
age
1928
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 15:51:29 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/ Frame B3D8 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/abg_lite_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 02:17:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
50772
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9282
x-xss-protection
0
server
cafe
etag
14645652906762492339
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 02:17:25 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B3D8 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 11:00:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
19360
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 01 Dec 2023 11:00:57 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame B3D8 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Thu, 16 Nov 2023 23:16:58 GMT
content-encoding
br
x-content-type-options
nosniff
age
61599
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8541
x-xss-protection
0
server
cafe
etag
737174102934380276
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Thu, 30 Nov 2023 23:16:58 GMT
ufs_web_display.js
www.googletagservices.com/activeview/js/current/ Frame B3D8 		203 KB
64 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
65395
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1700052045412510"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 17 Nov 2023 16:23:37 GMT
a6de5423b7c632060e8f86136bd5d27a.js
www.gstatic.com/mysidia/ Frame B3D8 		37 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/a6de5423b7c632060e8f86136bd5d27a.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 09:24:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
25128
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15478
x-xss-protection
0
last-modified
Tue, 14 Nov 2023 14:10:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 15 Feb 2024 09:24:49 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/7345276366076483183/ Frame B3D8 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7345276366076483183/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
35fef8f9c56031b3df750de21dc34b8ad5db218d2aad28361d0c3b48ebeae948
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Tue, 14 Nov 2023 21:42:58 GMT
x-content-type-options
nosniff
age
240039
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15397
x-xss-protection
0
last-modified
Tue, 28 Jun 2022 07:33:56 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 13 Nov 2024 21:42:58 GMT
truncated
/ Frame B3D8 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B3D8 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame B3D8 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5c5e0a0b828068abf3fe6ee7a07e016c795e24002494435c4b48f37def782fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type
image/png
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame B3D8 		33 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Wed, 15 Nov 2023 21:01:51 GMT
x-content-type-options
nosniff
age
156106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34108
x-xss-protection
0
last-modified
Tue, 23 May 2023 16:35:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 14 Nov 2024 21:01:51 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame B3D8
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/adview?ai=CbrmFiJNXZdOPHNTM1fAP1KCHiAuzx7CjbvL5-OGJD9rZHhABIJz6oyNglbKpgrAHoAGumIqiAsgBCakCCmX3rhg1sj6oAwHIA8sEqgTJAU_QY3IKkifRVlzvgHSj6WvGtNsGoIezxLuZLgE...
  • https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228584578537697636954%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22...
0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228584578537697636954%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222268995242282621361%22}&andc=true
Protocol
H3
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:38 GMT
x-content-type-options
nosniff
attribution-reporting-register-source
{"debug_key":"8584578537697636954","debug_reporting":true,"destination":"https://xcraft.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["608341038"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"2268995242282621361"}
server
cafe
content-type
text/css; charset=UTF-8
access-control-allow-origin
https://googleads.g.doubleclick.net
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
private
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 17 Nov 2023 16:23:38 GMT

Redirect headers

content-security-policy
script-src 'none'; object-src 'none'
date
Fri, 17 Nov 2023 16:23:37 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8584578537697636954","debug_reporting":true,"destination":"https://xcraft.net","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["608341038"],"4":["11-17"],"6":["true"]},"priority":"500","source_event_id":"2268995242282621361"}&andc=true
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef2fa1c88e5928f4a3776d945b3c4cbd51b05df7cd81bdbb94776b05ab8ea2b8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12500
x-xss-protection
0
6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
pagead2.googlesyndication.com/bg/ Frame 47DA 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/6h7OZzYWuChAMW0yNvwaAqN_brH89lOBLHEXo8EbMVo.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3125142811&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216218&bpp=2&bdt=1354&idt=197&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=268&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeE%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=200
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 00:36:09 GMT
content-encoding
br
x-content-type-options
nosniff
age
56848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15097
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 00:36:09 GMT
/
www.googleadservices.com/pagead/ar-adview/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228584578537697636954%22,%22debug_reporting%22:true,%22destination%22:%22https://xcraft.net%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22608341038%22],%224%22:[%2211-17%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222268995242282621361%22}&andc=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept
*/*
Access-Control-Request-Headers
attribution-reporting-eligible
Access-Control-Request-Method
GET
Origin
https://googleads.g.doubleclick.net
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
attribution-reporting-eligible
access-control-allow-methods
POST, GET, OPTIONS
access-control-allow-origin
https://googleads.g.doubleclick.net
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/html; charset=UTF-8
date
Fri, 17 Nov 2023 16:23:37 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5314153585442568&plah=ordsearch.net&bust=31079654
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 17 Nov 2023 16:23:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 69B1 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://ordsearch.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
19327
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 11:01:30 GMT
expires
Sat, 16 Nov 2024 11:01:30 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 709B 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
ada1b0b16eacd435796ee7793d6a93e28417ae350df86a92da1630a7161aa03e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Dj4-R8O_C7qbSrKrO3LYgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://ordsearch.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-Dj4-R8O_C7qbSrKrO3LYgw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Fri, 17 Nov 2023 16:23:38 GMT
expires
Fri, 17 Nov 2023 16:23:38 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
pagead2.googlesyndication.com/bg/ Frame 69B1 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 14:56:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
5214
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15296
x-xss-protection
0
last-modified
Mon, 06 Nov 2023 16:38:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 16 Nov 2024 14:56:44 GMT
generate_204
tpc.googlesyndication.com/ Frame 69B1 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_YoUgg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date
Fri, 17 Nov 2023 16:23:38 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 709B 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1708907704897627&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
activeview
pagead2.googlesyndication.com/pcs/ Frame 14DE 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvd4j5lAboQSb4Cz5YazcI-wdms1vbrgB55MbKvoY45PDMRZjOBKt0p8b3haXRZdP2_feR8P6TtumaEEnQFwvsb0C00jzx_tM25NOdVo4oHK6fTjnGZQQQvrlOGhGxv6vDkxxwkXn-UiTzmPhzfcm8X41JD3irjwFGmdd7CnYEUN5gX3uOXUPz6CAMYhlShe_ZQdkPAxeCV8cTBDcdR-49n3lEX0rl0QtvzwpB1lnDPCTIqO5Rk2OA6XEFq91-XFQdzfLcjIQ_b7YeX6jeJTK0F-qRy_xEk529n_iR90wWJAwHGuJkYAkICHzZ27TiuOy20XYt2cR65YgMgu7ExDBKFu4ItYm3zWMVh-L9au6RZrMcIh0KykysXAQLk_8DueG-G59uuQYM-qH3ulVzxPwpZWagJwtTKLgwxch3uVHIuFWKMxAC7pL6Lu5u3ALpvLhRHxXi5uNEmD5fxfACOKhEG9ycsjeK7OQ779hWPxPGh-G5k03vCZKHvyymzZMvn1zbkyy2Ow9PNI5RqQw9pDxxONpQ1yYEh9RDr9PLhXAAqZ269uX6HHadI_sLlnqgUaEg63W4_GI-Y7P8Uk17eKDGgZ3e842jdtbIyjkKmt-OHZ_f0PfkS8ixrsaP7Fv6rSVJN88ccXPD61KIvPMTauthGxD8TaScE_zG-820p64PodwpJnYlybK16s5Akm9oId-hnUKrvPaEdO-lRDTXWvE1rXUnTpESAlRD7ORKgj3vHb61PnJnlVcUNdslxwByNWxbSAPh_i_KzaDdvrZcluAPkx1gvB0gtKimE5Y3SSPRJW75SjProlrt_O5-1tZzB5BMwi8nJBfDzAc7YJFhV75JAtOUigxuASWdMt3gsIcxnjrN3hwAhVvIm0ogovONjpBnpt2gRh71mEc1YYcv4uo1x25aYxpj4gr7lwKFFRbcu-bsqP42tuuDUYJknrV7OYI9OsF123FRsZLeZdhJLH3qNtk2H9dwnreUeuvSYHcw8pS-GRChHPn3rlskQAIsDYoJlsn5UBkuOTl0TFY9azk9MrBWXGvVNv8nN5dCLz2KYneWgwTHDRnGPp1NNYi9wpmQCszPPPOJM0fQU8xBmoQZifp83F_RWLyQXwDF53c4RrGyk2aANjupN3zULPntSwxbFCPIqxtkhl3XeB8mq&sai=AMfl-YQJkE35Z61bKMQSpBVc8CEaiGlJYrCmmpAHxgj-wUHIDV_73kQdleSxRiSrjgucVtWHC6iIFJxvdFfXjZ-E2OMMh7W2C2a5S011Wdf3ptiThZpRlJCeO6m5Sx5HoH7pu3vG8p6AFqj7YY3zykqrO4K0vc1KemJVwO47nGE&sig=Cg0ArKJSzGA2857qLkGbEAE&cid=CAQSTwDICaaNm0Mm6Yvkx4Eh4pYEBgzxbBfOBYcUrf_oogqn_2OcVh7E62hMasa3TrSWERLVo5oCklYiEVikVNAwq1Se9rsb2igoI1zvOu9Ck24YAQ&id=ampim&o=1001,844&d=338,280&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=917&tls=1917&g=100&h=100&tt=1917&r=v&avms=ampa&uap=&uapv=&uaa=&uam=&uafv=&uab=&uafvl=%5B%5D&uaw=false&adk=0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 16:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame B3D8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4Tzteh8BUAoOOZSG71oGk9jUID5fjzYHCDVPNVfu0XPgonRXn9g1Oz7a9oGWPnOpNrAXSQAbXQ_LGd7O0cdug2JVmLO5PDNvpk2FIJiHsq4q0H2kYzMAajNI_6pYCZNClynN1GQAUSt9O&sai=AMfl-YQRNitdDtXwNXZ0T9OSPQpKI18GhbWcEOsOOEdiC0xIZrgfzq5kUaLaKoX8Urt--SVxRA-KiLlXlD1nBbP26w-MULP-_V9Yxr-AnY1hxFeu1o0foe33kDlEPYqbjDFseIM8ZClywm8UVdYMZ5gC&sig=Cg0ArKJSzKCqBAjCqrzdEAE&cid=CAQSTgDICaaN47GGj9HV5FEgU-DXtZ3oqSYiDqIkCYZRwAQCaP8I0LUKVQfWNL0prEjYrjwWFaftJaUQuRnyybqUS_pP2AT6aRcyvTBVcNpHrhgB&id=lidar2&mcvt=1000&p=0,0,183,732&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20231115&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=874737686&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&rst=1700238216419&rpt=1242&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 16:23:38 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1708907704897627&bg=!FRalFlnNAAZxrfrxUa07ADQBe5WfOFVd7Dgwzv7kEoiMXvsj-wG3_3lUiWea9tqj1c4_NDomeaaOA9KAbMwnhNBA7g1mAgAAAMJSAAAABGgBBwoAOIvT6Ky-BzSoBYk1PcugfkIhVoyyizId_PK05uLS2Flw9lZis6rVml5oddFiSCZ7SjN5-F4xUgsumQK6lLGRIPb3FVjGON7p5diAXaUEsEkJHsBqrxRL5n7ng_vB7IO1LberoZgheyLAPEKl5B4ESItKwLwG2NLkwG2-mef_puptm5v22nNCFFUVFPHgR5m28f6ygDOV3IHMxg5uYxQCOa_h19baLEs7_YbZPQEKeWuKrWTJxzqX5l1orEOe0-sLujmsfTnO-LPJlqgl_O9KsFLLDG4mZ32Cztd40gHszt1ZtW2wU7Hgy0JdnvyfY12SMJMFLjFaNKoEv7ZWdxvDnFMrA2jus_TDFJ3CJwarZvUCpd-VyNMlgp0Hxf7T4Xdbo27diSTrJPV5ZdYD9Z7sUXBVFQAN4b1zVbyYvIWKqVz83FjxyBDIgFNoR__braoPJ7aBxlIQLj5rhD_g2x0KzjNvwefiCD3SJHaOq0Z8kxC2MLEf_jbPk9TirWnaqk9AHszbBZNp8-6SwNscG5dgAkk6cIiMvfxe8_NZoGzEVe3TJl-HS1mOgqbQFnMbPysCdPI43xt3uBEbPyQ29gB90PV95MM0xdzNH2wnGD0tiLt3gnJrESSbECTd--VqhtXjlsgshakAexCcKyXPHop4oS5ugbnNBafhMOi4RgW-bW3nuK9zCN47l9POiCyYT3lsfbwznkbeJ7c0baK6c031_BgMUFrXDzQwnzSQzeX0mdyVx77e-XTDaB7quaNL8oAHk4A2QJAtyGY5c0pUfcGO1NR0h0KUyuresoBMx6cCJtDlgwEiJU3YjZvO0WERnrBpgPO7Y_9RsDx39RhckLgP_vwlcTFN5meYSXiDQdkCy2B3P0CZPeQu_-gYtFalyvG_OoAHf3TB1aIOfdrQL9_-HGQCLNpm1fJ-3smdhx_MeD82F3pnxYt2oaltg5cSQVV_gUbd7xzTOOoOVDgRvLfVx__qBSQmXd2WUNirBWY1WxTOqN8Vix4
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ordsearch.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-KT6BFGNQ1Q&gtm=45je3b81v9134565178&_p=1700238214881&gcd=11l1l1l1l1&dma_cps=sypham&dma=1&cid=1776261028.1700238216&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EEII&sid=1700238216&sct=1&seg=0&dl=https%3A%2F%2Fordsearch.net%2F&dt=%EC%9B%90%EB%9E%9C%EB%94%94%20%EC%BA%90%EB%A6%AD%ED%84%B0%20%EA%B2%80%EC%83%89%EA%B8%B0&_s=2&tfd=9230
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KT6BFGNQ1Q&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ordsearch.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Fri, 17 Nov 2023 16:23:41 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://ordsearch.net
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| documentPictureInPicture function| gtag object| dataLayer object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state number| google_rum_task_id_counter string| google_user_agent_client_hint function| google_spfd number| google_unique_id object| google_sv_map object| googletag object| gaGlobal object| gaplugins object| gaData function| google_sa_impl number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| _ function| Popper function| jQuery function| $ function| axios function| ClipboardJS object| __AMP_LOG object| __AMP_ERRORS boolean| ampInaboxInitialized object| __AMP_MODE function| __AMP_REPORT_ERROR object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| AMP object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
ordsearch.net/ Name: XSRF-TOKEN
Value: eyJpdiI6IjhLM2JnNXpUcFp5d2JQZnZtY2d0S1E9PSIsInZhbHVlIjoiam92amNiVTA0ZDNRWWtvTGlDd29takRtUWJYY2w0QlNiaGk0UkE0SmdnZHB4SEVoNGtQL2lRcXVTNWIrU3ozaStZbG1kaXB5clhXMlZXT3hoM3hPRUlYWW1IQ3V5Rksvc1ZaMFRRV0V4YmE1WHpCTFZYUFdFbDk3bmUxSW8yRmYiLCJtYWMiOiIyMTMzNmZiYWYyMDFjZGE5ZDIxZDg4NjlkM2IyNjMzNzk1NThlMjY1MDFmNTgzMmU4ZDVlNjgyNjQ0MDQ4MTZkIiwidGFnIjoiIn0%3D
ordsearch.net/ Name: _session
Value: eyJpdiI6IlI0dktkL1JEaVFsZnY5YTJTVzRndHc9PSIsInZhbHVlIjoib0hmQ1Q5S1cyTGVpeUZhU0VjeG83NjRhaXVQSGxzQU9JUU5zWjZJSk05akRGYVdRQUlqQlFUeXN5aDY4VWkxWE82cWNOMFlKVlVBYjZNZXRzM2dKY1NCUW55WHptZmdyUGtBdE10TmxjNEJpeDJOL3htSkVIWUxuK1NmZ1ZoSXUiLCJtYWMiOiIzZGNjOTgzM2VjM2M3OTliNmZjMDc0OTU1YjI5NDU3YTM4ZTM4N2U1MjRhOWZlMDU4ZmI3ZjM1ZjJjYjA2OGU4IiwidGFnIjoiIn0%3D
.ordsearch.net/ Name: _ga
Value: GA1.2.1776261028.1700238216
.ordsearch.net/ Name: _gid
Value: GA1.2.196920336.1700238216
.ordsearch.net/ Name: _gat_gtag_UA_125017129_2
Value: 1
.ordsearch.net/ Name: __gads
Value: ID=407ad1406979c2e2:T=1700238216:RT=1700238216:S=ALNI_MbN8GPc7GIscxreC0SV2PRVQFomXg
.ordsearch.net/ Name: __gpi
Value: UID=00000cdc434f87bf:T=1700238216:RT=1700238216:S=ALNI_MbZUBliabtQtn-3VFI5EaCai43i9Q
.doubleclick.net/ Name: IDE
Value: AHWqTUnefsTGVuLim8QWV-LWkDDJWLH_F2yi1IXKhjgshdEfBy3yy0v2eQiPuXOfC0U
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.ordsearch.net/ Name: _ga_KT6BFGNQ1Q
Value: GS1.1.1700238216.1.0.1700238217.0.0.0
.googleadservices.com/ Name: ar_debug
Value: 1

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5314153585442568&output=html&h=183&slotname=6979636541&adk=874737686&adf=3333036740&pi=t.ma~as.6979636541&w=732&fwrn=4&lmt=1700238216&rafmt=11&format=732x183&url=https%3A%2F%2Fordsearch.net%2F&ea=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1700238216221&bpp=16&bdt=1358&idt=199&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C732x183&nras=1&correlator=351463963094&frm=20&pv=1&ga_vid=1776261028.1700238216&ga_sid=1700238216&ga_hid=387362815&ga_fc=1&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1477&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44795921%2C31078301%2C31079654%2C44807754%2C44807764%2C44808149%2C44808284%2C44809054&oid=2&pvsid=1708907704897627&tmod=1832891553&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=m%7C%7CopeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=201
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors https://weingchicken.tistory.com https://weingchicken.com
X-Content-Type-Options nosniff
X-Frame-Options allow-from https://weingchicken.tistory.com https://weingchicken.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdn.ampproject.org
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
ordsearch.net
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
142.250.185.226
178.250.1.6
2001:4860:4802:32::36
2606:4700::6811:190e
2a00:1450:4001:800::2001
2a00:1450:4001:801::2003
2a00:1450:4001:806::2002
2a00:1450:4001:808::2008
2a00:1450:4001:80e::200a
2a00:1450:4001:811::2003
2a00:1450:4001:827::2002
2a00:1450:4001:827::2004
2a00:1450:4001:828::2001
2a00:1450:4001:829::2002
2a00:1450:4001:829::200e
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
45.120.69.32
02980cbd7a7a4e5fd4959cc281ee86d9d737f6257ab80c8f3b85a5eef9c31ddc
064669bfdbd4021060280b2b9d5ae75554cf7d00c37ff7cd5b67eb9fe86401b3
06d192d9224c1e41a76a3c27e4802144f9d3387a23433071f543fc71ad31fe8d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0c21f21f7b1658ed6ab5c0461020a21d62f9e0a7cd7cf3d9e6ef61a2c481f31e
0c659c2351251346d80951411cf3e8704b382d17b990f900212543f96faaa44d
0da5727b35fe0fecaed597a6b52ad36229c11dbc388b0543fc09d332693b6fd2
14d490997906adfae9f6adce34c4677b2418f30da9b0fe54a65f92d16f476cc0
1598c57200d136aad7124f838118170d41a2d58d261bca325d05222cd96ed4c9
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
18ebc36644e10f87e20812c15e329c1b25848c62cd6cdfe74427cdf8995bc3a9
1a648cdebd7ee4c7352d321540f7eff19fd50bf971b50e7ebde286ee05874f89
1db2a90e6e3782834b6f20c298acd4ea7bac24eafe07b457c0f58e2130f442ad
29e8243cd2442d92694ddb0e6daf538c77585f4a23bae4412c6e3d4a1184b1dc
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
35fef8f9c56031b3df750de21dc34b8ad5db218d2aad28361d0c3b48ebeae948
3907cc5ed9d4a0cdb316d069614220b55fccd5624ac173592a7a4c2c3aae0636
39b752928c723222cf1a05d1a77a7f64ce5a8f055f3d1052ad03a2f2d6370265
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
414b8e48407d8b3afaf6b9e83c470a7670762ed45591f2b15c9ee2577b56b900
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
431097f4f934bdc8ae8ea0d5d33a07573e22cf31f50e02499a1b12b98be7c4a2
4452bc4d16309455982365fbe44c9294333c29dc89a7d69d6e7ac9ea92ffafb8
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
516f5e4c2dc5c69f3e1707e76695f866f8e62468aca15c1a9ddb165eb684f6f0
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a23bf4040151842ed482bb8d63486fb91c2c00c91132fe11b2ff55c6456a0d1
5ba9fb0f8c9827576314dd8513560e0f82c0e5640a874e16510af54305aea22a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
67c8bc20804324b597ade2ffc30837a05cd6d36b3d5f7cb1946f039ee1d1265b
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
725c9df5667afb9dc3535263b5b8febdc731022d4dd01563ae746963494c5b08
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7595efdbbabb8d268d7f3855d51cae99f8370f481742d2de190901ef410c04b3
768581e447e950f5fb07a322b58bd1b1d7abe14cf624e85e73e5340f63ef94b1
813fc078afbbf5216012f8c8de6b9ac5685394999e4de08835d9195c99f119fd
8b0729c39a1048f859d3dc08ab52a723c829235cd4b7d255e13f0588250f460a
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f665ba5c27890ebed553836dee5572ad583c0a65374373741ec0a5309df2b5a
961581102560267c2eef54ff4f2ece4e06b5cc0caf5cc2937b8944d4853b7039
97d63570628247761590d93f90d03cd2026268739e732f21c4c8dd0edb28a453
9834b82ad26e2a37583d22676a12dd2eb0fe7c80356a2114d0db1aa8b3899537
a05d65bb7f856e5070295335b0eaa200636553faf436aa73b70d810788b355f6
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a339ffe9fa95c79db056d169f2ad3be875ffb8971ac11da082ea6d7ee750b8cd
a5c5e0a0b828068abf3fe6ee7a07e016c795e24002494435c4b48f37def782fe
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aa3c8f56d38285c8a807052b690c85996fbb2a1d7b144cafd6a15e56e189ff6f
aade7746342f608807b7eb107059c842fe200e1ff09e146db822250055cecaed
acc865fc9fec09d376a8592d451828ab56208f52d0a6159f3f36f68213dfb954
ada1b0b16eacd435796ee7793d6a93e28417ae350df86a92da1630a7161aa03e
af1d171265b23f5a8718fee1dd56af4d91b99573e93b6b43da9f2d6e93d7d61f
b182877b652dc3e02f6739af842311b0e6a315a693661a32e7060d44761c50ed
b53b6ad23b258ce11eed97786741510819a369348afcf1260856fe3041fc33de
b7071d42204bf69dcd3fcb6844a8cf29532c6856e65fc5137b0047e667869208
b786479a0c0a6f1000f22f66049ebfb5b183f1571aa26ad4b54b3a3eb9abbb3d
ba5f78267d0c04e8a31aebd7860c7fd7fc236891cddd477a4c7fdc19a0eb176e
c6077711ce3174050ccebe6559eb5f0e251942c2cad21900d1c3ef316065565b
cc318b2befb4333a8c1fbe3f0600f8e5c616102c0bf4ab059765d12cc688cf0a
ce583499029038aae14c8522e0ba11c316906d21c3eec82d4a5c647818fb9a9b
d50675d04142e9bfd9a7066718b8f5f9336d4000b1c8dc5542002955d9b002c7
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7d42f3f4deadc172b2c3a69892c9118e85d2efd79d320c039e68f5cd671f3f9
dc5f05c666ac177f0bf70d6057ba7c5be9d739e2bb3d5fac7c72c7ad8cc814f9
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df292625cd5f9b0db9759c9f9e3241b44583b68efcff4f5185ca855dad03638a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3499c40fb2a828918f50d4d4b1daa09d3b3470a48033136ec99afd3300df608
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e409280b06086a0d40c127dcaa3a1227c25a2da51c68b53f1b457e518869bd46
e42a88444448ac3d60549cc7c1ff2c8a9cac721034c073d80a14a44e79730cca
e542ffaba224bb5ff33c14d8991269d9134502718a866b97c1c44bbfa5c655d8
e7d3a6b96adc18601896d50359fb589c001b0e7cfda8229c92c8a32383a5d69b
ea1ece673616b82840316d3236fc1a02a37f6eb1fcf653812c7117a3c11b315a
ecf163cc9423cf0b9a1b1ef7e76fe5087cb15707fff5c4cad2d6959fdbe32159
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2fa1c88e5928f4a3776d945b3c4cbd51b05df7cd81bdbb94776b05ab8ea2b8
f2b99e0ac804013dc7370410a8653c4f42082e990c1000809eb9a9aea52d2c97
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f5b0588c84deaf8c686a053db33a151517e75b4e19f9f10d227c5c18ed127eb2
f68b49b743e29d28f46d9321318cd1fbdc017ddd6a4bdcdac1730ffc20b9f60e
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
f8cca6df4bf116a6e247a170e1f05dbf6cc7422ecc2436cf9fca754f9a2491e4
faf417554ec51c079733b822714bd4b7e9e77244c70cbf32f45eb637f9bd4cdf