urlscan.io logo urlscan.io
SecurityTrails logo

ad4us.com Open in urlscan Pro
134.195.14.20  Public Scan

Go To Rescan Add Verdict Report
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Submission: On April 06 via manual from IN — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 3 countries across 14 domains to perform 97 HTTP transactions. The main IP is 134.195.14.20, located in Seattle, United States and belongs to HYPEREXPERT, US. The main domain is ad4us.com.
This is the only time ad4us.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
10 134.195.14.20 398491 (HYPEREXPERT)
3 2a00:1450:400... 15169 (GOOGLE)
1 15 2600:9000:225... 16509 (AMAZON-02)
19 2a00:1450:400... 15169 (GOOGLE)
1 2 108.138.17.46 16509 (AMAZON-02)
2 3.127.31.227 16509 (AMAZON-02)
1 142.250.186.34 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638::2 44788 (ASN-CRITE...)
2 2a02:2638::b 44788 (ASN-CRITE...)
14 2a02:2638::3 44788 (ASN-CRITE...)
2 178.250.0.160 44788 (ASN-CRITE...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
6 178.250.0.139 44788 (ASN-CRITE...)
4 178.250.2.150 44788 (ASN-CRITE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
97 21
10    134.195.14.20 (Seattle, United States)

ASN398491 (HYPEREXPERT, US)
ad4us.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
15    2600:9000:225e:8600:3:c04e:c780:93a1 (United States)

ASN16509 (AMAZON-02, US)
w.sharethis.com
ws.sharethis.com
19    2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
adservice.google.de
2    108.138.17.46 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-46.fra56.r.cloudfront.net
www.alexa.com
2    3.127.31.227 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-31-227.eu-central-1.compute.amazonaws.com
l.sharethis.com
1    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
2    2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
14    2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.fr.eu.criteo.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
6    178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com
pix.eu.criteo.net
4    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
2    2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
24 criteo.net
static.criteo.net — Cisco Umbrella Rank: 631
pix.eu.criteo.net — Cisco Umbrella Rank: 7880
csm.eu.criteo.net — Cisco Umbrella Rank: 7886
680 KB
18 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 98
tpc.googlesyndication.com — Cisco Umbrella Rank: 125
317 KB
17 sharethis.com
w.sharethis.com — Cisco Umbrella Rank: 18841
ws.sharethis.com — Cisco Umbrella Rank: 8066
l.sharethis.com — Cisco Umbrella Rank: 4883
98 KB
10 ad4us.com
ad4us.com
167 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 43
32 KB
6 criteo.com
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14133
ads.eu.criteo.com — Cisco Umbrella Rank: 7887
cat.fr.eu.criteo.com — Cisco Umbrella Rank: 10325
84 KB
3 google.com
adservice.google.com — Cisco Umbrella Rank: 76
www.google.com — Cisco Umbrella Rank: 7
2 KB
3 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 45
3 KB
2 gstatic.com
fonts.gstatic.com
31 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 229
10 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 169
73 KB
2 google.de
adservice.google.de — Cisco Umbrella Rank: 8069
914 B
2 alexa.com
www.alexa.com — Cisco Umbrella Rank: 3497
6 KB
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 782
642 B
97 14
Domain Requested by
14 static.criteo.net ads.eu.criteo.com
13 ws.sharethis.com w.sharethis.com
ws.sharethis.com
ad4us.com
11 pagead2.googlesyndication.com ad4us.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
10 ad4us.com ad4us.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
ad4us.com
6 pix.eu.criteo.net ads.eu.criteo.com
4 csm.eu.criteo.net ads.eu.criteo.com
3 fonts.googleapis.com ad4us.com
cdnjs.cloudflare.com
2 fonts.gstatic.com fonts.googleapis.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
2 cat.fr.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
ad4us.com
2 www.googletagservices.com googleads.g.doubleclick.net
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 l.sharethis.com w.sharethis.com
ad4us.com
2 www.alexa.com 1 redirects ad4us.com
2 w.sharethis.com 1 redirects ad4us.com
1 www.google.com tpc.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
97 22
Subject Issuer Validity Valid
sharethis.com
Amazon		 2021-07-19 -
2022-08-17		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-02 -
2022-05-03		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-09-21 -
2022-09-20		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-03 -
2022-05-02		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-03-17 -
2022-06-09		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-03-21 -
2022-06-13		 3 months crt.sh

This page contains 11 frames:

Primary Page: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Frame ID: CC7897DC32E88B43DA212DC13A4164EE
Requests: 38 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20190131/zrt_lookup.html
Frame ID: 3637920AF77E6CF65B56898CCDB64BE6
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&adk=1812271804&adf=3025194257&lmt=1649240956&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&ea=0&pra=5&wgl=1&dt=1649240956431&bpp=3&bdt=500&idt=108&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5954620104371&frm=20&pv=2&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=129
Frame ID: 8E2D8BE00EBE57A81FA5B383A3AA169D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
Frame ID: 6C0168910774FCB67BE849142812E292
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1284995633&adk=2907896458&adf=452939827&pi=t.ma~as.1284995633&w=864&fwrn=4&fwrnh=100&lmt=1649240956&rafmt=1&psa=0&format=864x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1649240956436&bpp=3&bdt=505&idt=141&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=515&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7NlvYepbyl&p=http%3A//ad4us.com&dtd=145
Frame ID: E610B1DC952E81395C505B3B83737D73
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Frame ID: 3B87A7C63E611C9F52606A85B3122838
Requests: 17 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
Frame ID: 106C93382562E0FBF119EE84D39B7FED
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Frame ID: D6F501FBFBA1E455ED12641FA10356B7
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 4E86FD34FF08D6F13A646C4026A9A404
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4188187BF424120D86767A04F970CF02
Requests: 2 HTTP requests in this frame

Frame: https://ws.sharethis.com/secure5x/index.html
Frame ID: 124750733CFF120B5819F63307F152CF
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Step : Undo Last Reconcillation In Sage 50 US128992

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • w\.sharethis\.com/
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

97
Requests

85 %
HTTPS

65 %
IPv6

14
Domains

22
Subdomains

21
IPs

3
Countries

1503 kB
Transfer

2917 kB
Size

3
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://w.sharethis.com/button/buttons.js HTTP 301
  • https://w.sharethis.com/button/buttons.js
Request Chain 9
  • http://www.alexa.com/images/logo-buttons/logo-button4.png HTTP 301
  • https://www.alexa.com/images/logo-buttons/logo-button4.png

97 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request step-undo-last-reconcillation-in.html
ad4us.com/128992/ 		23 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
52567555378dacb540a3c3f256a2bf5d3122fb612eb3870a0428d3c3b24feaf9

Request headers

Accept-Language
de-DE,de;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Cache
no-cache
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Encoding
gzip
Content-Length
5689
Content-Type
text/html; charset=UTF-8
Date
Wed, 06 Apr 2022 10:29:14 GMT
Server
nginx
Vary
Accept-Encoding
css
fonts.googleapis.com/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2adf2bf97f229c24bb5e8694f451ef6fe99f258009b4b45e8039e2c06fca0272
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:14 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Wed, 06 Apr 2022 10:16:34 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Wed, 06 Apr 2022 10:29:14 GMT
bootstrap.css
ad4us.com/src/css/ 		123 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ad4us.com/src/css/bootstrap.css
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
a840cc3dd2b143b81bbf4aebb9963cc54073801eeb83d3b5f4560f278e012328

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/128992/step-undo-last-reconcillation-in.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:14 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=864000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17913
font-awesome.min.css
ad4us.com/src/css/ 		18 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ad4us.com/src/css/font-awesome.min.css
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
6dc70cb8897e73c663d4c5ac4c6cfffb046c1072351352747d5f280a312387a5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/128992/step-undo-last-reconcillation-in.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=864000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4073
us.css
ad4us.com/src/css/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://ad4us.com/src/css/us.css?baidu.com
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
026062011a76707e200ab01bfabd073d8e72ee8385acdef89b801de2e7f098c6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/128992/step-undo-last-reconcillation-in.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
max-age=864000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2126
buttons.js
w.sharethis.com/button/
Redirect Chain
  • http://w.sharethis.com/button/buttons.js
  • https://w.sharethis.com/button/buttons.js
59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://w.sharethis.com/button/buttons.js
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 08:22:21 GMT
content-encoding
gzip
vary
Accept-Encoding
age
225912
x-cache
Hit from cloudfront
content-length
16739
server
nginx/1.20.1
etag
W/"61e1c3a2-ea95"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA60-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
kfW8YWryzRKkSKV0j7XXWBKsAo5p1hRjrMPv7AmOJTY4HJGOT-s4ow==
expires
Wed, 06 Apr 2022 19:44:02 GMT

Redirect headers

Date
Wed, 06 Apr 2022 10:29:14 GMT
Via
1.1 a3c1615d6bdfc01a05a0b3a742d10d38.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA60-P4
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://w.sharethis.com/button/buttons.js
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
mzCdOH-HqxGtnqL4mJOZufTB-hAjGcFaSGVSZQqTXQO2COi7NrWcLA==
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-3252232213703739
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
10844afc2660a21596c05acbd457c20a58575f72264ffef1bc55255c33de4f73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ad4us.com/
Origin
http://ad4us.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Length
53878
X-XSS-Protection
0
Server
cafe
ETag
10274221485492096701
Vary
Accept-Encoding, Origin
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=3600
Timing-Allow-Origin
*
Expires
Wed, 06 Apr 2022 10:29:15 GMT
20220406070239_ukf.JPG
ad4us.com/pix/4us/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad4us.com/pix/4us/20220406070239_ukf.JPG
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
d867b2bf66116e2edb166faaecc3a30b9c2cebfe6d87080b0bd6970dc08b10dd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/128992/step-undo-last-reconcillation-in.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Last-Modified
Wed, 06 Apr 2022 07:02:39 GMT
Server
nginx
Content-Type
image/jpeg
Cache-Control
max-age=2592000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4896
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		155 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
db21c24a74a4fc47c14b88a4f0bd7bb1b0036170637e5d8a75d6335dd83441c6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Timing-Allow-Origin
*
Date
Wed, 06 Apr 2022 10:29:15 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
cafe
ETag
14381740535767849915
Vary
Accept-Encoding, Origin
P3P
policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control
private, max-age=3600
Cross-Origin-Resource-Policy
cross-origin
Content-Disposition
attachment; filename="f.txt"
Content-Type
text/javascript; charset=UTF-8
Content-Length
53923
X-XSS-Protection
0
Expires
Wed, 06 Apr 2022 10:29:15 GMT
moget
ad4us.com/captcha/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad4us.com/captcha/moget?624d6b7a52067
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
b2037037a91846a9e89bacc59cdd9f17df28b1cbdd6406e866998b5771795d88

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/128992/step-undo-last-reconcillation-in.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Cache-Control
no-store, no-cache, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
4522
Content-Type
image/jpeg
logo-button4.png
www.alexa.com/images/logo-buttons/
Redirect Chain
  • http://www.alexa.com/images/logo-buttons/logo-button4.png
  • https://www.alexa.com/images/logo-buttons/logo-button4.png
5 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.alexa.com/images/logo-buttons/logo-button4.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
108.138.17.46 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-46.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
dcbef64379674cd71a0eb52796d0be8c998c08e6cde5e39c610d7d0ae7069df9
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Via
1.1 85310f8b6878a9cfaa0218e021ae364e.cloudfront.net (CloudFront)
Last-Modified
Tue, 01 Feb 2022 19:04:16 GMT
Server
nginx
X-Amz-Cf-Pop
FRA56-P7
ETag
"61f98430-14b6"
X-Frame-Options
SAMEORIGIN
X-Cache
Miss from cloudfront
Content-Type
image/png
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5302
X-Amz-Cf-Id
Nwx6Arq04ga7yDWZnot9VBD7qQ8mmoH-q1sTGs-gN0GeO1-YhsZqrA==

Redirect headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Via
1.1 8dc3ccc34d68ee81173fff2a80f72bde.cloudfront.net (CloudFront)
Server
CloudFront
X-Amz-Cf-Pop
FRA56-P7
X-Cache
Redirect from cloudfront
Content-Type
text/html
Location
https://www.alexa.com/images/logo-buttons/logo-button4.png
Connection
keep-alive
Content-Length
183
X-Amz-Cf-Id
_J2Sfgcd4_3b4dDXLQMFWkXeLNjMzUA6ST4P_QT4fAeJlCCCL00_dg==
jquery.js
ad4us.com/src/js/ 		91 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad4us.com/src/js/jquery.js
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/128992/step-undo-last-reconcillation-in.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=864000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
32800
bootstrap.min.js
ad4us.com/src/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ad4us.com/src/js/bootstrap.min.js
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/128992/step-undo-last-reconcillation-in.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Content-Encoding
gzip
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=864000, public
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7312
async-buttons.js
ws.sharethis.com/button/ 		89 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/async-buttons.js
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Tue, 05 Apr 2022 06:54:17 GMT
content-encoding
gzip
vary
Accept-Encoding
age
139711
x-cache
Hit from cloudfront
content-length
18813
server
nginx/1.20.1
etag
W/"61e1c3fb-16245"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=259200
x-amz-cf-pop
FRA60-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
rMsdYFI4aZTBCZeop7ASa0MnFYVbA9T8X-NIGcRYJx1lqgI4cmZ2VQ==
expires
Thu, 07 Apr 2022 19:40:44 GMT
pview
l.sharethis.com/ 		0
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1649240956294.49239&hostname=ad4us.com&location=%2F128992%2Fstep-undo-last-reconcillation-in.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&title=Step%20%3A%20Undo%20Last%20Reconcillation%20In%20Sage%2050%20US128992&sop=false&description=US128992%2C%20Step%20%3A%20Undo%20Last%20Reconcillation%20In%20Sage%2050%2C%20In%20the%20given%20post%20we%20are%20explaining%20how%20to%20undo%20a%20bank%20reconciliation%20in%20Sage%2050%20cloud%20Accoun...
Requested by
Host: w.sharethis.com
URL: http://w.sharethis.com/button/buttons.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.31.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-31-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
http://ad4us.com
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
usa.jpg
ad4us.com/src/imgbg/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ad4us.com/src/imgbg/usa.jpg
Requested by
Host: ad4us.com
URL: http://ad4us.com/src/css/us.css?baidu.com
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
f617a06005db926770f98bbecaa41386ab1074e05606064a27ce931420ebf18c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/src/css/us.css?baidu.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Cache-Control
max-age=864000, public
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
65709
Content-Type
image/jpeg
glyphicons-halflings-regular.woff
ad4us.com/src/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
http://ad4us.com/src/fonts/glyphicons-halflings-regular.woff
Requested by
Host: ad4us.com
URL: http://ad4us.com/src/css/bootstrap.css
Protocol
HTTP/1.1
Server
134.195.14.20 Seattle, United States, ASN398491 (HYPEREXPERT, US),
Reverse DNS
Software
nginx /
Resource Hash
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067

Request headers

Referer
http://ad4us.com/src/css/bootstrap.css
Origin
http://ad4us.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Last-Modified
Mon, 02 Nov 2015 09:57:08 GMT
Server
nginx
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23292
Content-Type
application/font-woff
buttons-secure.css
ws.sharethis.com/button/css/ 		23 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/button/css/buttons-secure.css
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 01:35:56 GMT
content-encoding
gzip
last-modified
Fri, 14 Jan 2022 18:42:03 GMT
server
nginx/1.20.1
age
31999
etag
W/"61e1c3fb-5a76"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow
content-length
3851
x-amz-cf-id
22IWr0arqnohlcvq8yvi7tKzBkvECJspQ-p7lY0fWtqTa1KS5WQZwA==
googleplus_32.png
ws.sharethis.com/images/2017/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/googleplus_32.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 24 Nov 2021 02:07:04 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
11521331
etag
"6179dc0b-9a4"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
2468
x-amz-cf-id
EoypAzV_tp6ZFBV3IT1Eq-bTQSHLjnBUJf0COjpIKffnqoLMlufCTg==
expires
Thu, 24 Nov 2022 02:07:04 GMT
facebook_32.png
ws.sharethis.com/images/2017/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/facebook_32.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 18 Oct 2021 21:49:43 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
14647172
etag
"612ef1b8-497"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1175
x-amz-cf-id
aPWyfBNV4BFAAqGCtQWpy9VmDGGCr3e68cqHvZKsT2hFHMahdObbNA==
expires
Tue, 18 Oct 2022 21:49:43 GMT
twitter_32.png
ws.sharethis.com/images/2017/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/twitter_32.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:34 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
18772901
etag
"612ef1b8-53a"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1338
x-amz-cf-id
0F2hkvaIHTx8JRQXgbE0spE5K_rZcbQv5d0N_00ifVCq4Sy2RTFH5g==
expires
Thu, 01 Sep 2022 03:47:34 GMT
linkedin_32.png
ws.sharethis.com/images/2017/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/linkedin_32.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 01:02:00 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
15931635
etag
"612ef1b8-4c9"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1225
x-amz-cf-id
4Ij2Zlv3nROm68Xxigr-hAsyGa8wSnaWlutb1n9z650zBHAfhN06mQ==
expires
Tue, 04 Oct 2022 01:02:00 GMT
delicious_32.png
ws.sharethis.com/images/2017/ 		856 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/delicious_32.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
f439da38fff1f00880a6ec0e9ff410163f651aa7f809ee3bc55f1768078f35e3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:40 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
18772894
etag
"612ef1b8-358"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
856
x-amz-cf-id
mvEdlwFySWvuQ1xi06cCbznxN1bmmNjjjnPSRHggdeY9dDoR2W2t_A==
expires
Thu, 01 Sep 2022 03:47:40 GMT
digg_32.png
ws.sharethis.com/images/2017/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/digg_32.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
afef76ef093eba54cb1cfaa4f71d23b71b62586b6fae86185416fcba069723d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Mon, 04 Oct 2021 14:16:51 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
15883944
etag
"612ef1b8-4dd"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1245
x-amz-cf-id
mMZQXiyiAh-v9HWstcJegK5gEL1WBCpHnkQ3aHniQLa4NDB-vJGvzQ==
expires
Tue, 04 Oct 2022 14:16:51 GMT
reddit_32.png
ws.sharethis.com/images/2017/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/reddit_32.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
677ed7ee257a2c841f70a183557dcd2d0d51f0091f7da8ab9d2c44fcee0279af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:34 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
18772901
etag
"612ef1b8-763"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1891
x-amz-cf-id
5bf1ptufAG5JnUdKljotoVlsz60fXDptA4NZ1vVCL4OYRmM-kRk3aQ==
expires
Thu, 01 Sep 2022 03:47:34 GMT
pinterest_32.png
ws.sharethis.com/images/2017/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ws.sharethis.com/images/2017/pinterest_32.png
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 15 Oct 2021 00:17:05 GMT
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
server
nginx/1.20.1
age
14983929
etag
"612ef1b8-59b"
strict-transport-security
max-age=31536000; includeSubDomains
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
accept-ranges
bytes
x-robots-tag
noindex, nofollow
content-length
1435
x-amz-cf-id
vzMGPpgaqnJSgAeF8EpH9KFukLHG49DVDZ6ifV976vsi22UU3RTfNQ==
expires
Sat, 15 Oct 2022 00:17:05 GMT
pview
l.sharethis.com/ 		0
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://l.sharethis.com/pview?event=pview&version=buttons.js&lang=en&sessionID=1649240956294.49239&hostname=ad4us.com&location=%2F128992%2Fstep-undo-last-reconcillation-in.html&product=widget&fcmp=false&fcmpv2=false&publisher=ur.00000000-0000-0000-0000-000000000000&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&title=Step%20%3A%20Undo%20Last%20Reconcillation%20In%20Sage%2050%20US128992&sop=false&description=US128992%2C%20Step%20%3A%20Undo%20Last%20Reconcillation%20In%20Sage%2050%2C%20In%20the%20given%20post%20we%20are%20explaining%20how%20to%20undo%20a%20bank%20reconciliation%20in%20Sage%2050%20cloud%20Accoun...&description=US128992%2C%20Step%20%3A%20Undo%20Last%20Reconcillation%20In%20Sage%2050%2C%20In%20the%20given%20post%20we%20are%20explaining%20how%20to%20undo%20a%20bank%20reconciliation%20in%20Sage%2050%20cloud%20Accoun...&img_pview=true
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.31.227 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-31-227.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Date
Wed, 06 Apr 2022 10:29:15 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains;
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
stid
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
Access-Control-Max-Age
1728000
Connection
keep-alive
Access-Control-Allow-Headers
*
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 		301 KB
108 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e4a2d1afd1c9f4740d12277ffb8f88949f58d6d5c4d84ae204748da74dbe4c18
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
110326
x-xss-protection
0
server
cafe
etag
3023380122955010226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 06 Apr 2022 10:29:15 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220404/r20190131/ Frame 3637 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220404/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
44061
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Apr 2022 22:14:54 GMT
etag
14837630671339829333
expires
Tue, 19 Apr 2022 22:14:54 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
cookie.js
partner.googleadservices.com/gampad/ 		213 B
642 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=ad4us.com&callback=_gfp_s_&client=ca-pub-3252232213703739
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
46f0d213c76d9863189d2a9bd4c22d9cc9b80458866056820f5f2e8c646298f5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
197
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ad4us.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ad4us.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
121 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&tn=DIV&cls=navbar%20navbar-inverse%20navbar-fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 10:29:15 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 8E2D 		43 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&adk=1812271804&adf=3025194257&lmt=1649240956&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&ea=0&pra=5&wgl=1&dt=1649240956431&bpp=3&bdt=500&idt=108&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5954620104371&frm=20&pv=2&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=1&uci=a!1&fsb=1&dtd=129
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
96fdafc28f1259dffe10532782cc68816f435095ea7537c993496e7d0915d02b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
13556
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Apr 2022 10:29:15 GMT
expires
Wed, 06 Apr 2022 10:29:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 6C01 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
69c22453b817ace7961af930ac2554cf72c4c1e9dab8bbde54765a6c7217eccf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9717
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Apr 2022 10:29:15 GMT
expires
Wed, 06 Apr 2022 10:29:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame E610 		436 B
235 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1284995633&adk=2907896458&adf=452939827&pi=t.ma~as.1284995633&w=864&fwrn=4&fwrnh=100&lmt=1649240956&rafmt=1&psa=0&format=864x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&fwr=0&rpe=1&resp_fmts=3&wgl=1&dt=1649240956436&bpp=3&bdt=505&idt=141&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C336x280&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=515&ady=1379&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=7NlvYepbyl&p=http%3A//ad4us.com&dtd=145
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
438f9065aba760482c981516ab390aa21768c9049232fd5927ee48c87296e899
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
212
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 06 Apr 2022 10:29:15 GMT
expires
Wed, 06 Apr 2022 10:29:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
404c2b4516ab1714cc0db81e2c865c41572abd59f02a3049bc6e49eb5999c986
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52632
x-xss-protection
0
server
cafe
etag
8893630026113858431
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Wed, 06 Apr 2022 10:29:15 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame 6C01 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:20:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
554
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 10:20:01 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6C01 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36931
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649071906742826"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Apr 2022 10:29:15 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame 6C01 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:20:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
524
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 10:20:31 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 6C01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CG4Bre2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTQAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPTyV5BD6QPypaRV9w2Fucl4SqyQtUWivvQQGIslaFHcq99ZUcgouABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi0zMjUyMjMyMjEzNzAzNzM5GAA&sigh=PDixP8eym_c&uach_m=[UACH]&cid=CAQSGwCNIrLMPKMgDcKxBjEs-tahd5_UIrmKF_2s3RgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 06 Apr 2022 10:29:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Wed, 06 Apr 2022 10:29:15 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 6C01 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UKHiEuGBMNACmAKdg2ICAgAAAFsL4lYEv9kOEHprTWJfYUpoKiJsymIwfQAS&wp=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
server
Kestrel
server-processing-duration-in-ticks
274228
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3B87 		117 KB
41 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3252232213703739&output=html&h=280&slotname=1020560031&adk=94194966&adf=2232996267&pi=t.ma~as.1020560031&w=336&lmt=1649240956&psa=0&format=336x280&url=http%3A%2F%2Fad4us.com%2F128992%2Fstep-undo-last-reconcillation-in.html&wgl=1&dt=1649240956434&bpp=2&bdt=503&idt=133&shv=r20220404&mjsv=m202203300101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5954620104371&frm=20&pv=1&ga_vid=1933758934.1649240957&ga_sid=1649240957&ga_hid=340046452&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=778&ady=482&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31065722&oid=2&pvsid=3442758335885250&pem=826&tmod=875927631&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=23&ifi=2&uci=a!2&fsb=1&xpc=s8ir8oSboH&p=http%3A//ad4us.com&dtd=139
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
2c5387ca857eb42b0686a9782f401002abdffe2d4287059c39fdb49f07db3603
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 06 Apr 2022 10:29:14 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=cpD_GwgsK2M9A15aw03DsG7Lc4g4E3_uQg4c-slUl6qAyZQ2Uzw7eE9jrTiSGop0s-hMJwxrn17HVGes7a47NoaSfPddafQwk_Qd5D2olU_35Cq1S_utb83TxDNKaKpv2XE_mEUB87bfA14RpgFDIa-Ej8KsT_2wvteoXZa4XxA3Ub_gDSVjjKNBmHKHoJ4HshB-b5hCdpekQTa22h56qU1y739Dr386rNpBryMnCFhhGX4aRA6YDGdjU9dGBbVxYw80jw"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
21975639
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=ad4us.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=ad4us.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/ Frame 106C 		10 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
39815
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4398
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 05 Apr 2022 23:25:40 GMT
etag
14837630671339829333
expires
Tue, 19 Apr 2022 23:25:40 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
adview
googleads.g.doubleclick.net/pagead/ Frame 106C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CyZvwe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE0QFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbsdLb4fvAhK2LfaT9_vKwD7I-OX20uxuqqM8FryjGJ7Tafy2XI18IAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTMyNTIyMzIyMTM3MDM3MzkYAA&sigh=cChbB7Nm_U4&uach_m=[UACH]&cid=CAQSGwCNIrLMeptN-nN3gyhEKDJ9frOG-Uh9eMrrBxgB
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Wed, 06 Apr 2022 10:29:15 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 106C 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UKHiEsz6RO0HfJ2DYgICAAAAulB-Wtoc9I4Qe2tNYqvFA62xPgNZpfYWABI&wp=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw
Requested by
Host: ad4us.com
URL: http://ad4us.com/128992/step-undo-last-reconcillation-in.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
server
Kestrel
server-processing-duration-in-ticks
222246
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame D6F5 		120 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
77c52a44d08f8db5fae0cb372c5291050f48c55d72d086dea300822b3ba0dfb2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Wed, 06 Apr 2022 10:29:15 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Rfe1HAgsK2M9A15aN1me8ExH9JmVpVG_aDVwE_RrKZDzoSXyn8a-6I-FX5A8hfpZ2LP18LTLnFvkOnT4CXREGJNek99xRlIrn_recxLnQL7bMKQZmDBCUc3DpJN0fA5nm3VgWWv6pbLE3c4Hhb2QO0VNtl6wMYfYEtUMEZwN8IFtGbIDuidwJkhHEENYFCZM7Mur-tz1sCduv7A7nn-Dg-hu4Skmd8yoHIaNIoRBGqZqytdm1FGzLbsWlvMP_hal0PlxWg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
24965371
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame 106C 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:08:39 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1236
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1233
x-xss-protection
0
server
cafe
etag
16517525077337815633
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 10:08:39 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/ Frame 106C 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220404/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:14:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
900
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6407
x-xss-protection
0
server
cafe
etag
6055885685211612390
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 20 Apr 2022 10:14:15 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 106C 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220404/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36931
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1649071906742826"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Apr 2022 10:29:15 GMT
truncated
/ Frame 6C01 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
14349dc572042fa7b540d792f1ad951eadc3f9418330551c3aea84c9466ba237

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3B87 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3B87 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3B87 		308 B
637 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 01 Apr 2023 10:29:15 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 3B87 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sat, 01 Apr 2023 10:29:15 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame 3B87 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=ICCUkXOS0EBdk3Dz3ygTwWK6_C0MMbD5aX4uF_a7EjQMNZWm-M5j7sJ9JCJizxVTVQnD0YJz_xndob3xGVqoCto5aCWvm02qKACPNVAdJHwmLhohwiGRI88xFLphFeEvyvaA1UDEmXDL4_wOzSyeJRZ0aIAqy4i64QFUOc2bhBdqWaqe5iP9lAXOz5y2N5fFnMXFOwD7o16U-kVQWYGDVbJrswNYj6HJqENLpWTk9iKeCqBE-iddytzdWE9leij5sMKG_l7O9E17iTazNU8HhRgYC_SNtt5HoYckLrPtAkVKrK-t8P5mkesE1jiA5rA_0yyaZOgOg4ve42wgvtUQyqJ_E3z-2Ps5GVP9lg9cV2YchnGkvLVj-GNnRpnu4U1UKp-PWRelSr3zUMXZ5voG75PhuBYYqFyA7z8RdE9nXquC40ur9wM4ji4xACQyIotb7rFV1A
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 10:29:15 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
5285767
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
privacy_small.svg
static.criteo.net/flash/icon/ Frame D6F5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame D6F5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame D6F5 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Sat, 01 Apr 2023 10:29:15 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame D6F5 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Sat, 01 Apr 2023 10:29:15 GMT
lg.php
cat.fr.eu.criteo.com/m/delivery/ Frame D6F5 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.fr.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=sMABxBhbq8jnCqZN0ivZwHYzZYfpSNxvm2GmX9krt_yj1Kfi69uRJKnyuKBtXADpO7tZkBp3E1PVjusKg2pTXQX-UdlmkkS8vP-6bsPzoH60UoXGYUf2np0n11ZHq4uM_Js-DrjgXVtdiZO-f3p08qRT2dOTXPLSs5WbJ9C96wMOLKnT-N2XPgpL_5Lcjx6T4sycB20KbuVyFCDGRWqNRNAMn7L6nF_jc79pAKmAmTbsDoBH2EPEdE4rzZZQpJxj5ToZuFipvmFLLVVdxbtxvsA6CipThGQdPspmEAtskHqk8syrMDFLW91Lahwhg9paLCexREVTtmizevgEFGZJC5OhzlMUzbd670XnOrKYaPH1ZAjmpDg0kyjNplxFhnRZVT2NQmJVxBKWf5ctOKTYDjTxjkLlcVxaF5rTQDnHTZ5yS9CRwW3HUSe3hnvQ6WJzJJZLpg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 10:29:15 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
4129679
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3B87 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
128663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3OmMCtR9Vg1GE%2F%2BT6hYi6yLTW6bcpgzwugSNhnATbqmVpqWyi6dl8ssSosEL1gE2IhXc8fXWczYwxTvXyGIHu8wMW2IskXk2lKZvoaXqgf%2Bi6LmJyAroRAdbSi8LzLE90c48EXcRTVX2Tcl2ugZUfeHt"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f79d7663fa49bb2-FRA
expires
Mon, 27 Mar 2023 10:29:15 GMT
animejs.js
static.criteo.net/animejs/ Frame 3B87 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame D6F5 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
128663
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4420
timing-allow-origin
*
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0L7WPTV17PRdlkJtsEpubnOslkx1%2FMUTkYa7a%2B6U7pABG3VDRadYgzb4845vmiQUwsCeV8OflUadE%2FASkspq400Esrm40N5SAox0b0jS9VxVkmCCNZw9H9broJAj7xRkQpI1fCZ10Rws7MA48B0Z05xI"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=30672000
accept-ranges
bytes
cf-ray
6f79d7663fa79bb2-FRA
expires
Mon, 27 Mar 2023 10:29:15 GMT
animejs.js
static.criteo.net/animejs/ Frame D6F5 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
img
pix.eu.criteo.net/img/ Frame 3B87 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=94486&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F94486%2F220315%2Faa55876514c94169bf39e1815703315f_1200x628_native4.jpg&v=3&s=fFG6dUclWjQeTHGEUo1DGGf6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29459500
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163870
expires
Mon, 13 Mar 2023 09:40:56 GMT
img
pix.eu.criteo.net/img/ Frame 3B87 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=556&m=0&partner=94486&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F94486%2F220315%2Fb83bfc8b893c4a6b8ba22b57f80d9ac2_webp.net-resizeimage_%281%29.jpg&v=3&w=668&s=f1QLa17Ugi6ZqLAHxFBVzpzf
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
649cf009cc6255ef083ca6e16180011d39274b31e6b269eedb77a18d36aedfca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29459500
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
8936
expires
Mon, 13 Mar 2023 09:40:56 GMT
all
csm.eu.criteo.net/ Frame 3B87 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=cpD_GwgsK2M9A15aw03DsG7Lc4g4E3_uQg4c-slUl6qAyZQ2Uzw7eE9jrTiSGop0s-hMJwxrn17HVGes7a47NoaSfPddafQwk_Qd5D2olU_35Cq1S_utb83TxDNKaKpv2XE_mEUB87bfA14RpgFDIa-Ej8KsT_2wvteoXZa4XxA3Ub_gDSVjjKNBmHKHoJ4HshB-b5hCdpekQTa22h56qU1y739Dr386rNpBryMnCFhhGX4aRA6YDGdjU9dGBbVxYw80jw&sds=2&rev=81065&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Apr 2022 10:29:15 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3B87 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3B87 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
truncated
/ Frame 106C 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f9c9067218439d309ab7e334bdae230babd0e3f67aa919115c1a19eb813241f3

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

Content-Type
image/png
img
pix.eu.criteo.net/img/ Frame D6F5 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=94486&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F94486%2F220315%2Faa55876514c94169bf39e1815703315f_1200x628_native4.jpg&v=3&s=fFG6dUclWjQeTHGEUo1DGGf6
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29459500
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163870
expires
Mon, 13 Mar 2023 09:40:56 GMT
img
pix.eu.criteo.net/img/ Frame D6F5 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=244&m=0&partner=94486&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F94486%2F220315%2Fb83bfc8b893c4a6b8ba22b57f80d9ac2_webp.net-resizeimage_%281%29.jpg&v=3&w=2006&s=qpxVwKbjY4PAi2ftJSUMETmA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9fa576c7df909d21d258bbb43906399a760b4b89c2e084a6668e544f01c3e7c3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29459500
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
3492
expires
Mon, 13 Mar 2023 09:40:56 GMT
all
csm.eu.criteo.net/ Frame D6F5 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Rfe1HAgsK2M9A15aN1me8ExH9JmVpVG_aDVwE_RrKZDzoSXyn8a-6I-FX5A8hfpZ2LP18LTLnFvkOnT4CXREGJNek99xRlIrn_recxLnQL7bMKQZmDBCUc3DpJN0fA5nm3VgWWv6pbLE3c4Hhb2QO0VNtl6wMYfYEtUMEZwN8IFtGbIDuidwJkhHEENYFCZM7Mur-tz1sCduv7A7nn-Dg-hu4Skmd8yoHIaNIoRBGqZqytdm1FGzLbsWlvMP_hal0PlxWg&sds=2&rev=81065&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Apr 2022 10:29:15 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D6F5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame D6F5 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:15 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Sat, 01 Apr 2023 10:29:15 GMT
css
fonts.googleapis.com/ Frame D6F5 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 08:32:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Apr 2022 10:29:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Apr 2022 10:29:15 GMT
css
fonts.googleapis.com/ Frame 3B87 		2 KB
610 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Wed, 06 Apr 2022 10:26:54 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Wed, 06 Apr 2022 10:29:15 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 06 Apr 2022 10:29:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame D6F5 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
463375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 01:46:21 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 3B87 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://ads.eu.criteo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Fri, 01 Apr 2022 01:46:21 GMT
x-content-type-options
nosniff
age
463375
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 01 Apr 2023 01:46:21 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220404&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cdf379e15228ca72c6539c19f8772f49f32075c382b875e34630b2d99b979874
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 06 Apr 2022 10:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10751
x-xss-protection
0
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203300101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-3252232213703739&plah=ad4us.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:16 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 06 Apr 2022 10:29:16 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 4E86 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

accept-ranges
bytes
age
1024
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 06 Apr 2022 10:12:12 GMT
expires
Thu, 06 Apr 2023 10:12:12 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 4188 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f0aeb75811c54548ea59c7b51c5eb27b56f5e991fcce7e6c1d8a7f44378a4ffa
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-4DO6R9g2NRsJfAAV9ThebA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-4DO6R9g2NRsJfAAV9ThebA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 06 Apr 2022 10:29:16 GMT
expires
Wed, 06 Apr 2022 10:29:16 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
pagead2.googlesyndication.com/bg/ Frame 4E86 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/3b8ZtKHcFUSYKihZpywKVICyDtFsaoLwoCuDyEZifyk.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 08:39:54 GMT
content-encoding
br
x-content-type-options
nosniff
age
6562
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Mon, 28 Mar 2022 10:48:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 06 Apr 2023 08:39:54 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 4188 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220404&jk=3442758335885250&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 4E86 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?bQld8Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:16 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
index.html
ws.sharethis.com/secure5x/ Frame 1247 		14 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/index.html
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/button/async-buttons.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

age
31998
content-encoding
gzip
content-length
4082
content-type
text/html
date
Wed, 06 Apr 2022 08:47:27 GMT
etag
W/"61e1c3fb-390f"
last-modified
Fri, 14 Jan 2022 18:42:03 GMT
server
nginx/1.20.1
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
x-amz-cf-id
v5X5M0uaB3A7gWSktZedDpTweMebJur8svf-ovQYp0jfkQXG8_V_bA==
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
x-robots-tag
noindex, nofollow
stcommon.1f60705adac788a51a8240cf535237b0.js
ws.sharethis.com/secure5x/js/ Frame 1247 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/js/stcommon.1f60705adac788a51a8240cf535237b0.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 03:47:33 GMT
content-encoding
gzip
vary
Accept-Encoding
age
18772903
x-cache
Hit from cloudfront
content-length
5630
server
nginx/1.20.1
etag
W/"612ef1fe-40f6"
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
x-robots-tag
noindex, nofollow
x-amz-cf-id
rLgxaG9FCy68TNkNIe-HSp6Tj1IYpMt426QMhzvbHE3kyBqFCivnmA==
expires
Thu, 01 Sep 2022 03:47:33 GMT
st.31cb6fcb48e558d491ec5da1e80ebf3d.js
ws.sharethis.com/secure5x/js/ Frame 1247 		132 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ws.sharethis.com/secure5x/js/st.31cb6fcb48e558d491ec5da1e80ebf3d.js
Requested by
Host: ws.sharethis.com
URL: https://ws.sharethis.com/secure5x/index.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:8600:3:c04e:c780:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ws.sharethis.com/secure5x/index.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Thu, 28 Oct 2021 00:51:53 GMT
content-encoding
gzip
server
nginx/1.20.1
age
13858643
etag
W/"6179dc46-20e82"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 d81b69368e6f8be2907e338480e58682.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA60-P4
strict-transport-security
max-age=31536000; includeSubDomains
x-robots-tag
noindex, nofollow
x-amz-cf-id
AvovPR-OUSw3CFJuvhA4fZ-mJ66Ar0eXge8lBE0YNvC33EEWlRaf5A==
expires
Fri, 28 Oct 2022 00:51:53 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 6C01 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudz-0btBzMwhpLg6FWgm57TYecm41nO8mSovmh6l5Vn1wa1MiDRCG3aDwL94InGbtqICyjmbLXyLWflxIeZpEO&sig=Cg0ArKJSzO-J3a8qP7SDEAE&id=lidar2&mcvt=1000&p=0,0,280,336&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220404&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=94194966&rs=2&la=0&cr=0&vs=4&r=v&rst=1649240956574&rpt=335&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 10:29:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20220404&jk=3442758335885250&bg=!Q0ClQATNAAZku-1yRLs7ACkAdvg8Wh1fxPvymdzoYsBHsL5GJTqQASA4dR8BYg4G4Oz88gjGJ5FRLgIAAAByUgAAAAJoAQcKACc9hFcQ5V5Bkc4qUwwvg1bwdM-AyMRPs1jXiOr2DmV6sMndM05w9T2ZAo8o7qDU2wfxQoNPJujUPn_cFIkdsU5-WvoOgBWJmqX-_YNeEuZHyhNGYniOOOfEDHIluuIk4RaoNqRpy3gCHGhEjkcJxgqaPNgdUQUDYmN8T0D8Fz_ncjBSpVh4IKc7zjKykO9y6wknqx6sWjgW89B4oMpeqd6f0sIKOsNbUyDE0KSJGzl_Aeb-95iRkazxN8Lw_xxDanaEloWVQU21vzfPZYtGHaNFyik18aVJbsgipATev6VprlSKDFzyaUzIMFMtXZseV9EALz4n4OyLOrunz-3aB6Ho-ARI5kmuWA8BBJ28FdlWjVYt9DjHiH-0EpwT9r7mHTzQPcpUMB21E4ZJIdf8b-fNY93aLBFeTZagkDpga6auTjiAyvXOD-YxYAmVnFfkSWDHA6x0cmfmr7Fff0tsC0eLim5Ub4WLjSGQtmcZYKEkjVB7izhuhj2dRw8VkdDbxMBrgoyDsjYmq0KyHDiWIq6FCcoUIotxTXHWBSIDAf6oT7pEtQpJTNWpqkRiN8VjfTAe3KAB3qr7Ykwr5ORcUDPjsZyzTSSSgckuyFDpgHqjQQ2k37ZhmchbJYLx00PNiu1ffCUqxg5IOwzy_Fkny88rTh8H7wtSIpGxKPnUhMRAU1apR5QpXdl2CHl26qSA-cKUL5T4l_SN5fMSSVVh2T1XLNL7H5ot97_DbOx0tB5ODTdcY1nY92Ln0bG8DqZCEehwhqu9qgGXxT9XKdGUZR8w1sy_7OF36oUWLRpAFkUgoLs8kaJEcARBNYaQl_gXz64MV231ka7enetQhS9_JmMQH7fOrj22DROnmIPeikOz--RTYx43g4h5lwKik0hDCngwdtqEtrhWPz7iC7ev-c_RHha0ntKWe-zl
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
http://ad4us.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 10:29:16 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 3B87 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=cpD_GwgsK2M9A15aw03DsG7Lc4g4E3_uQg4c-slUl6qAyZQ2Uzw7eE9jrTiSGop0s-hMJwxrn17HVGes7a47NoaSfPddafQwk_Qd5D2olU_35Cq1S_utb83TxDNKaKpv2XE_mEUB87bfA14RpgFDIa-Ej8KsT_2wvteoXZa4XxA3Ub_gDSVjjKNBmHKHoJ4HshB-b5hCdpekQTa22h56qU1y739Dr386rNpBryMnCFhhGX4aRA6YDGdjU9dGBbVxYw80jw&sds=2&rev=81065&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHe-wKmpYVAAqKgh0NE8uSukG_-I2IJQ&u=%7CZR962OeCHjnmvDNRvu9ECc1Qu9VGRzMzo%2FLjNk6EzWc%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKy6m6Q0z9fPmR_BGzuJ4dg4RN1skBRrzln_qBShxs1fvy7oFLUV6G8ObITYyvgNlKr_BLjO1-zajmT-ag_6FpJ5Kz8iWkRl_RUC_H9hIHiTUTDuSCKxv6VepbSVhb-4nhxawU0D74W4yQhxnAYJtyHMbVpAXESMbF4uKvENmJGrbO3UrNhYAXEQs7sSwcnxUWiJC6FRUR7p_ihGubtOTQ7eqelsAaFB99eaDpIPFPJSYYfuFyVcUX4OepLP3ORRfoAuoVdr0yV4WxRx3zmbmZ1nywFPCw3xQ_3t_6njaJJK60P4uQ01JGmU6imPZkB9ClMbHr2XqVx1zuQCzUp2gbu6intBP0mG8XxnITdKMkaU3S_zH3vIwmAfTA1gvT-evv-6QEaP7qxtxgtkVvy3xHeSo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCYrW4e2tNYuz3HZWs6gSClaqAB8me0rFc1Z2R93DAjbcBEAEgAGCV2rOCwAeCARdjYS1wdWItMzI1MjIzMjIxMzcwMzczOaAB1bbS6gPIAQmpApzIbW2TRLI-qAMBqgTTAU_QjF6rx-eJfKmav-YZvHS7owK40HGpih8wMDcGwKiilDc00t6NzZt4ZaEZSMKdiMFd__fSoCLP2SUJhhv1RsZE64wZMtfq3EYJPWF4LCSK6hcVPPufW5DrvPDkGvH4Lo_K_es-r2DBdSWj8xudQTpU5oBqBWwGwlnzcWIp9phcCM4DrL-BYfGE9LhEQ7abZVd9a53SZIERbabDF-HRuL2NP_HvEBm7hqHPDSdYlrkfoznl2UvTCGY6b42-w71edDNt9cm1FKQ6A-alcD-YkTSLTl-ABrTC6sbM-ov4xwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgHAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_33ICXlm1Obez8G1Ok_xh7f0xiVKA%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Apr 2022 10:29:16 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
activeview
pagead2.googlesyndication.com/pcs/ Frame 106C 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvr5ArYrIT5TCwQbrfSw_ozTpIUUG_WjODsbBd6C1qqxAw7heKwnJzCbWW5U0cO8GKdnEqo7Q8RFzaed2LfRH86aQ&sig=Cg0ArKJSzPYrUPQCw7sVEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,766,1000,1117,1177&tos=83,683,234,117,60&v=20220404&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1649240956845&rpt=184&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 06 Apr 2022 10:29:17 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame D6F5 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=Rfe1HAgsK2M9A15aN1me8ExH9JmVpVG_aDVwE_RrKZDzoSXyn8a-6I-FX5A8hfpZ2LP18LTLnFvkOnT4CXREGJNek99xRlIrn_recxLnQL7bMKQZmDBCUc3DpJN0fA5nm3VgWWv6pbLE3c4Hhb2QO0VNtl6wMYfYEtUMEZwN8IFtGbIDuidwJkhHEENYFCZM7Mur-tz1sCduv7A7nn-Dg-hu4Skmd8yoHIaNIoRBGqZqytdm1FGzLbsWlvMP_hal0PlxWg&sds=2&rev=81065&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yk1rewAHDOUKd_XNAAzDuKTSE9BDJ4zSq_xLtw&u=%7CZR962OeCHjlHhZZ2d1%2FzQOPII5eJDrEzmzlgzESR%2Bvo%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUM-XLpNMWrQYGOJSHVY72hdVJ5YWdTrnDCe3JAOBA7ooULV8eF2wUVIieaxfrW_sChoWEBBWog92QwyKSpTDLNPQNLXdHfgdv7ClGYWfAUV3hJfQ_wvvph-Tzj9ckPupYMACVqcNL0COS-5DOE24aRgJoqDvv66kV8dTMc3EiMNJ2Mmkmwukjbh3KIeUU8OmO39xpkeMblYljhOouk-f8yO8oNOliucgEyuKTguAvxdVR38e3G9lb3_B_TQigBYtLkNT1TO0LVhRGp2Cpo8chA1ixiikX_-nY9PzgPWZZNNQvoT_omNdHDmB5IUjnXe_nN9_TzguJsIW8YOmO3atL8SDLJFJUudltU-eVHxkT6eKq3x_EnXIsKPAocvT5ZWGnuisH9-7Diqe&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIg9pe2tNYuWZHM3r3wO4h7PIDcme0rFc9ZHevrEBwI23ARABIABgldqzgsAHggEXY2EtcHViLTMyNTIyMzIyMTM3MDM3MzmgAdW20uoDyAEJqQKcyG1tk0SyPqgDAaoE1AFP0AUXc8ARYh3W_cz78r5YhYVsR5_DOQkWZYCijZJV98i2IZ7qXiXgfwSNL7ZLR3uAZy-gtPsF4N9XTZ4hgMeR-xFlIRIIdJv5RIOaTmKKDLUHsJAMuj9BRh7U7joA4L9A3spjRFwDU_mJlLCdG0ESSAeRB4bafvpFrUPC38nr3wsE6EMWe3vqnTMwBc4r4u2QPQOlkkkj-YWpmNzp6jrLaglrrmmJcGuppbtfL5-NO4fWywhGW3w_FqYDKvedbUGfoig4OGdUft1lYb93c_YmT2XPMIAGtMLqxsz6i_jHAaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAcBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_206A0bk2SJlqE_VIc5ugc0y1nOXg%26client%3Dca-pub-3252232213703739%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 06 Apr 2022 10:29:16 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
img
pix.eu.criteo.net/img/ Frame 3B87 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=94486&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F94486%2F220315%2Faa55876514c94169bf39e1815703315f_1200x628_native4.jpg&v=3&s=fFG6dUclWjQeTHGEUo1DGGf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:17 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29459498
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163870
expires
Mon, 13 Mar 2023 09:40:56 GMT
img
pix.eu.criteo.net/img/ Frame D6F5 		160 KB
160 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?m=0&partner=94486&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F94486%2F220315%2Faa55876514c94169bf39e1815703315f_1200x628_native4.jpg&v=3&s=fFG6dUclWjQeTHGEUo1DGGf6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.60 Safari/537.36

Response headers

date
Wed, 06 Apr 2022 10:29:17 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=29459498
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
163870
expires
Mon, 13 Mar 2023 09:40:56 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 function| structuredClone object| oncontextlost object| oncontextrestored boolean| switchTo5x object| stlib function| _$d function| _$d0 function| _$d_ function| _$d1 function| _$d2 function| _$de function| _$dt object| _all_services boolean| tpcCookiesEnableCheckingDone boolean| tpcCookiesEnabledStatus string| customProduct string| stWidgetVersion object| stButtons object| stWidget boolean| sop_pview_logged object| ShareThisEvent object| stLight boolean| st_showing object| adsbygoogle function| init_hash boolean| showHoverbarReskinned boolean| isEsiLoaded boolean| stShowNewMobileWidget boolean| isMobileButtonLoaded boolean| stRecentServices boolean| iswhatsappCustomButton boolean| isKikCustomButton boolean| stIsLoggedIn object| servicesLoggedIn object| stFastShareObj boolean| useFastShare object| stButtonsLib function| Shareable function| shareLog undefined| __stPubGA object| async_buttons function| foursquareCallback function| __stgetPubGA function| plusoneCallback boolean| openWidget object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ object| google_image_requests function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages function| $ function| jQuery object| jQuery110203473482208976877 string| baseURL object| google_llp object| googletag object| GoogleGcLKhOms string| messageSet

3 Cookies

Domain/Path Name / Value
ad4us.com/ Name: adz
Value: 0u2gqacpmaiva0hoavs4cpif88
.ad4us.com/ Name: __gads
Value: ID=0eaf3afd0455d52b-2261555c6fcd00ed:T=1649240955:RT=1649240955:S=ALNI_MayBctz0xgm7IORlxRsRohg7GhCzg
.doubleclick.net/ Name: IDE
Value: AHWqTUmWd5QR-4nDsg-seDH3DME5ZqqP7LOr_VUIB9Pm_N0_mSlLODRwaLbMrJBoW-Y

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad4us.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
l.sharethis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
w.sharethis.com
ws.sharethis.com
www.alexa.com
www.google.com
www.googletagservices.com
108.138.17.46
134.195.14.20
142.250.186.34
178.250.0.139
178.250.0.160
178.250.2.150
2600:9000:225e:8600:3:c04e:c780:93a1
2606:4700::6811:190e
2a00:1450:4001:802::2002
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:812::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:4001:831::2004
2a02:2638::2
2a02:2638::3
2a02:2638::b
3.127.31.227
026062011a76707e200ab01bfabd073d8e72ee8385acdef89b801de2e7f098c6
03f4f72d7090e82fbaf35259ac9dfea880d4874bf694cd6cbfc54a62a0023c4d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
10844afc2660a21596c05acbd457c20a58575f72264ffef1bc55255c33de4f73
14349dc572042fa7b540d792f1ad951eadc3f9418330551c3aea84c9466ba237
2adf2bf97f229c24bb5e8694f451ef6fe99f258009b4b45e8039e2c06fca0272
2c5387ca857eb42b0686a9782f401002abdffe2d4287059c39fdb49f07db3603
2d200d90966b8380a648972d71130785371751cf24bb7398f2854be23afb4a65
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
38bdaa6ffa7c071fd9af7eb4fc6e34125cbac8965ad71fb0e93a0d2140dd2842
39446b399dd1911651e5517b059c649de4a58c3d89ddafa594a6867a9b201564
3e460b21839bf49543aeac626269114e5bc49092a516d7e94da7dbaee582bfd6
40279417deb789df672f0165a0817b4c84893685d47a4fd8e20770e838ef4367
404c2b4516ab1714cc0db81e2c865c41572abd59f02a3049bc6e49eb5999c986
438f9065aba760482c981516ab390aa21768c9049232fd5927ee48c87296e899
46f0d213c76d9863189d2a9bd4c22d9cc9b80458866056820f5f2e8c646298f5
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
52567555378dacb540a3c3f256a2bf5d3122fb612eb3870a0428d3c3b24feaf9
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63faf0af44a428f182686f0d924bb30e369a9549630c7b98a969394f58431067
649cf009cc6255ef083ca6e16180011d39274b31e6b269eedb77a18d36aedfca
677ed7ee257a2c841f70a183557dcd2d0d51f0091f7da8ab9d2c44fcee0279af
67c3fdabba66e3efc359348b32568367dcc670e4d67f1234131b08fae7e72a10
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
69c22453b817ace7961af930ac2554cf72c4c1e9dab8bbde54765a6c7217eccf
6dc70cb8897e73c663d4c5ac4c6cfffb046c1072351352747d5f280a312387a5
732d3038cffc852adde57cc51509924b478a45c898cefbb6e46b04448feff7e5
77c52a44d08f8db5fae0cb372c5291050f48c55d72d086dea300822b3ba0dfb2
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7ba38c636940db54018406db91e3a02040d14fd6ce7dabf8bdb011067ba8eb41
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
95dc1b83a7c030dd13ab3e29df921f10e04208b28734f172ea232854264c3b05
96fdafc28f1259dffe10532782cc68816f435095ea7537c993496e7d0915d02b
9fa576c7df909d21d258bbb43906399a760b4b89c2e084a6668e544f01c3e7c3
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a59c05d1a0531610285fb30680c6ff8cb80b987cfd7f118a84e44ca4dd942f55
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a840cc3dd2b143b81bbf4aebb9963cc54073801eeb83d3b5f4560f278e012328
afef76ef093eba54cb1cfaa4f71d23b71b62586b6fae86185416fcba069723d9
b2037037a91846a9e89bacc59cdd9f17df28b1cbdd6406e866998b5771795d88
c3a7b608ebfa8d1dfe658bc119e6236a6aaf878a779e7c560aa11dd30881a56a
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cdf379e15228ca72c6539c19f8772f49f32075c382b875e34630b2d99b979874
d0c8da105e3942965cf032c25db093698e244ee11cc23c52e52b506926083dfd
d867b2bf66116e2edb166faaecc3a30b9c2cebfe6d87080b0bd6970dc08b10dd
db21c24a74a4fc47c14b88a4f0bd7bb1b0036170637e5d8a75d6335dd83441c6
dcbef64379674cd71a0eb52796d0be8c998c08e6cde5e39c610d7d0ae7069df9
ddbf19b4a1dc1544982a2859a72c0a5480b20ed16c6a82f0a02b83c846627f29
e083ca305fe5020595b52c04499258219f69c8cb83ec0ffc1eb0f22815f5c60f
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a2d1afd1c9f4740d12277ffb8f88949f58d6d5c4d84ae204748da74dbe4c18
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0aeb75811c54548ea59c7b51c5eb27b56f5e991fcce7e6c1d8a7f44378a4ffa
f439da38fff1f00880a6ec0e9ff410163f651aa7f809ee3bc55f1768078f35e3
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f617a06005db926770f98bbecaa41386ab1074e05606064a27ce931420ebf18c
f9c9067218439d309ab7e334bdae230babd0e3f67aa919115c1a19eb813241f3
ffd7d8f21205b5a8c3d1e2fd124fd554edbc9ab1ef756b679fcf276bb00a229f