urlscan.io logo urlscan.io
SecurityTrails logo

card-selection-ua.pu707ev.com Open in urlscan Pro
2606:4700:10::6816:d54  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://card-selection-ua.pu707ev.com/
Effective URL: https://card-selection-ua.pu707ev.com/
Submission: On February 08 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 38 IPs in 7 countries across 35 domains to perform 76 HTTP transactions. The main IP is 2606:4700:10::6816:d54, located in United States and belongs to CLOUDFLARENET, US. The main domain is card-selection-ua.pu707ev.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 9th 2023. Valid for: a year.
This is the only time card-selection-ua.pu707ev.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 13 2606:4700:10:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
5 52.58.170.73 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a02:2638:3::e 44788 (ASN-CRITE...)
3 5 2a02:2638:3::c 44788 (ASN-CRITE...)
3 178.250.1.9 44788 (ASN-CRITE...)
2 2 142.250.185.98 15169 (GOOGLE)
1 35.214.149.91 15169 (GOOGLE)
2 3 37.252.172.123 29990 (ASN-APPNEX)
1 184.30.20.22 16625 (AKAMAI-AS)
1 69.173.144.139 26667 (RUBICONPR...)
1 5.196.111.72 16276 (OVH)
1 141.226.228.48 200478 (TABOOLA-AS)
1 2.19.85.30 16625 (AKAMAI-AS)
1 76.223.111.18 16509 (AMAZON-02)
1 88.221.110.65 20940 (AKAMAI-ASN1)
1 37.157.2.230 198622 (ADFORM)
1 185.255.84.153 200271 (IGUANE-)
1 2 104.18.36.155 13335 (CLOUDFLAR...)
1 2 18.203.3.59 16509 (AMAZON-02)
1 162.19.138.117 16276 (OVH)
1 54.77.245.236 16509 (AMAZON-02)
1 34.117.157.22 396982 (GOOGLE-CL...)
1 52.28.59.154 16509 (AMAZON-02)
1 35.162.162.179 16509 (AMAZON-02)
1 64.202.112.255 23352 (SERVERCEN...)
1 198.47.127.205 3257 (GTT-BACKB...)
1 52.28.191.31 16509 (AMAZON-02)
1 2600:1f18:612... 14618 (AMAZON-AES)
1 23.35.237.75 16625 (AKAMAI-AS)
1 52.18.110.33 16509 (AMAZON-02)
1 18.195.199.8 16509 (AMAZON-02)
1 18.203.91.219 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
76 38
1    2606:4700:10::6816:c54 (United States)

ASN13335 (CLOUDFLARENET, US)
card-selection-ua.pu707ev.com
13    2606:4700:10::6816:d54 (United States)

ASN13335 (CLOUDFLARENET, US)
card-selection-ua.pu707ev.com
4    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
5    52.58.170.73 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-170-73.eu-central-1.compute.amazonaws.com
fs.pudaf.com
f.pudaf.com
4    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
2    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dynamic.criteo.com
5    2a02:2638:3::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
mug.criteo.com
3    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
dis.criteo.com
2    142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net
cm.g.doubleclick.net
1    35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com
x.bidswitch.net
3    37.252.172.123 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
1    184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    5.196.111.72 (Lille, France)

ASN16276 (OVH, FR)
PTR: ip72.ip-5-196-111.eu
rtb-csync.smartadserver.com
1    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    2.19.85.30 (Düsseldorf, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-85-30.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
1    88.221.110.65 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a88-221-110-65.deploy.static.akamaitechnologies.com
hb.yahoo.net
1    37.157.2.230 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
1    185.255.84.153 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    104.18.36.155 (None, )

ASN13335 (CLOUDFLARENET, US)
r.casalemedia.com
2    18.203.3.59 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-3-59.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
1    54.77.245.236 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-245-236.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com
matching.ivitrack.com
1    52.28.59.154 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-59-154.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    35.162.162.179 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-162-162-179.us-west-2.compute.amazonaws.com
jadserve.postrelease.com
1    64.202.112.255 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
sync.outbrain.com
1    198.47.127.205 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
simage2.pubmatic.com
1    52.28.191.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-191-31.eu-central-1.compute.amazonaws.com
match.sharethrough.com
1    2600:1f18:612b:4264:c31d:e2c0:922a:b714 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
criteo-partners.tremorhub.com
1    23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com
ad.yieldlab.net
1    52.18.110.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-110-33.eu-west-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
1    18.195.199.8 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-199-8.eu-central-1.compute.amazonaws.com
e1.emxdgt.com
1    18.203.91.219 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
beacon.krxd.net
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
Apex Domain
Subdomains		 Transfer
14 pu707ev.com
card-selection-ua.pu707ev.com
224 KB
9 criteo.com
dynamic.criteo.com — Cisco Umbrella Rank: 4093
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 3029
sslwidget.criteo.com — Cisco Umbrella Rank: 2370
dis.criteo.com — Cisco Umbrella Rank: 598
33 KB
6 gstatic.com
www.gstatic.com
fonts.gstatic.com
450 KB
5 pudaf.com
fs.pudaf.com — Cisco Umbrella Rank: 504601
f.pudaf.com — Cisco Umbrella Rank: 401657
75 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 2
36 KB
3 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 252
3 KB
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 239
1 KB
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1800
1 KB
2 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 258
1 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 37
156 KB
1 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 114
1 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 946
44 B
1 emxdgt.com
e1.emxdgt.com — Cisco Umbrella Rank: 2245
44 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 3062
38 B
1 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4345
235 B
1 tremorhub.com
criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2771
398 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 505
35 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 912
225 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 839
218 B
1 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1128
422 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1425
880 B
1 ivitrack.com
matching.ivitrack.com — Cisco Umbrella Rank: 10064
265 B
1 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 703
199 B
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 419
1 KB
1 omnitagjs.com
visitor.omnitagjs.com — Cisco Umbrella Rank: 711
342 B
1 adform.net
cm.adform.net — Cisco Umbrella Rank: 1131
163 B
1 yahoo.net
hb.yahoo.net — Cisco Umbrella Rank: 693
315 B
1 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 414
140 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 2777
163 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1747
99 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 662
163 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 374
239 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 712
751 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 368
235 B
1 google-analytics.com
region1.google-analytics.com — Cisco Umbrella Rank: 2173
263 B
76 35
Domain Requested by
14 card-selection-ua.pu707ev.com 2 redirects card-selection-ua.pu707ev.com
4 f.pudaf.com fs.pudaf.com
4 gum.criteo.com 3 redirects dynamic.criteo.com
4 www.gstatic.com www.google.com
www.gstatic.com
4 www.google.com card-selection-ua.pu707ev.com
www.gstatic.com
www.google.com
3 ib.adnxs.com 2 redirects
2 dpm.demdex.net 1 redirects
2 r.casalemedia.com 1 redirects
2 dis.criteo.com
2 cm.g.doubleclick.net 2 redirects
2 fonts.gstatic.com www.google.com
2 www.googletagmanager.com card-selection-ua.pu707ev.com
www.googletagmanager.com
1 pagead2.googlesyndication.com fs.pudaf.com
1 beacon.krxd.net
1 e1.emxdgt.com
1 sync-criteo.ads.yieldmo.com
1 ad.yieldlab.net
1 criteo-partners.tremorhub.com
1 match.sharethrough.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 jadserve.postrelease.com
1 exchange.mediavine.com
1 matching.ivitrack.com
1 ad.360yield.com
1 id5-sync.com
1 visitor.omnitagjs.com
1 cm.adform.net
1 hb.yahoo.net
1 eb2.3lift.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 x.bidswitch.net
1 sslwidget.criteo.com dynamic.criteo.com
1 mug.criteo.com
1 dynamic.criteo.com card-selection-ua.pu707ev.com
1 region1.google-analytics.com www.googletagmanager.com
1 fs.pudaf.com card-selection-ua.pu707ev.com
76 41

This site contains links to these domains. Also see Links.

Domain
pin-up.ua
Subject Issuer Validity Valid
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-09 -
2024-07-08		 a year crt.sh
www.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
pinup-antifraud.com
Amazon RSA 2048 M02		 2023-06-13 -
2024-07-11		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.google.com
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-07		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-12-21 -
2024-12-21		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.smartadserver.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2024-01-17 -
2025-01-16		 a year crt.sh
*.taboola.com
DigiCert Global G3 TLS ECC SHA384 2020 CA1		 2023-10-23 -
2024-11-22		 a year crt.sh
teads.tv
R3		 2024-01-22 -
2024-04-21		 3 months crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
hb.yahoo.net
R3		 2023-12-18 -
2024-03-17		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.id5-sync.com
R3		 2024-01-01 -
2024-03-31		 3 months crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
itm.ivitrack.com
R3		 2023-12-14 -
2024-03-13		 3 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M02		 2023-06-06 -
2024-07-04		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-08-30 -
2024-09-28		 a year crt.sh
*.outbrain.com
Thawte TLS RSA CA G1		 2023-11-20 -
2024-11-27		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.tremorhub.com
Amazon RSA 2048 M03		 2024-01-24 -
2025-02-21		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-09-17 -
2024-09-17		 a year crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-04-04 -
2024-05-02		 a year crt.sh
*.emxdgt.com
Amazon RSA 2048 M01		 2023-05-03 -
2024-05-31		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-01-09 -
2024-04-02		 3 months crt.sh

This page contains 5 frames:

Primary Page: https://card-selection-ua.pu707ev.com/
Frame ID: 5F4F3D47717D87EED6A77DE215A6B96F
Requests: 34 HTTP requests in this frame

Frame: https://card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Frame ID: FCC10B402FCE1D3DB947BDD0A42D8886
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
Frame ID: 32020BC2E8591723700DEC495762D764
Requests: 8 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=card-selection-ua.pu707ev.com&origin=onetag
Frame ID: A3FC64AC0F329E204666E05E3252CF80
Requests: 2 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_gid=CAESEK3SJKgrv1mk35OPFJQSXoY&google_cver=1&google_ula=913071,0
Frame ID: 2BEDFB5C4FDFAF7711689EA5A1D17628
Requests: 28 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

10 000 UAH на перший депозит!

Page URL History Show full URLs

  1. http://card-selection-ua.pu707ev.com/ HTTP 301
    https://card-selection-ua.pu707ev.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com

Page Statistics

76
Requests

74 %
HTTPS

28 %
IPv6

35
Domains

41
Subdomains

38
IPs

7
Countries

982 kB
Transfer

2381 kB
Size

26
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://card-selection-ua.pu707ev.com/ HTTP 301
    https://card-selection-ua.pu707ev.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/scripts/jsd/main.js HTTP 302
  • https://card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Request Chain 27
  • https://gum.criteo.com/sid/json?origin=onetag&domain=pu707ev.com&sn=ChromeSyncframe&so=0&topUrl=card-selection-ua.pu707ev.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=V6n3S3xIMnJ3UW8vTUY5T0Jyb2tuSTBjclJ3N3ozZkNyditxV0k2QnZzeTBqZlppQ0U2anBNUUwrNktkaTVHVHVIVzNRc29QVDQvMm9CbGVmdXk1aHBDaWYrTUJ4K3lHbE9YV1dXcGxjNi9tUTBYS09mRUNrUjcrQ2U0c2hqL0lPckxXcHdGWEg4eEExSVJ5KzVTT3VMY2hmZVU1dm1ycDJLUzNCZUxhQS84U1dYWlB3TU1OWDZ1VEZTbkNQTk8wOTZLaVF4bit2TmNwUW1TeEJNelJFNVY1VkZJM2hFRitVL3N2TXRBaldTYVBnWG50dVJkOFhwaEcvaGxhMVR3cFlIdzFTNFRGcDE0eWxNTGJCa21TQjhpL05vUT09fA&cppv=2
Request Chain 29
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_cm&google_hm=ay01YTZGTDUxZFY4TGR0OW1WelI1aHRWaWN5TTBzMlR0Yk01SGlwUQ HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_cm=&google_hm=ay01YTZGTDUxZFY4TGR0OW1WelI1aHRWaWN5TTBzMlR0Yk01SGlwUQ&google_tc= HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_gid=CAESEK3SJKgrv1mk35OPFJQSXoY&google_cver=1&google_ula=913071,0
Request Chain 31
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6891987578594085244
Request Chain 41
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W3t7rp1dV8Ldt9mVzR5htVicyM14tnDpVOw8JQ HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W3t7rp1dV8Ldt9mVzR5htVicyM14tnDpVOw8JQ&C=1
Request Chain 42
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nTZkyFqoiXLnDzqs0DkkdEl54bFbW3VS HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nTZkyFqoiXLnDzqs0DkkdEl54bFbW3VS
Request Chain 56
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=15qES8Hhq8iRqG-xXuf8S8WCw3oR6_iC

76 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
card-selection-ua.pu707ev.com/
Redirect Chain
  • http://card-selection-ua.pu707ev.com/
  • https://card-selection-ua.pu707ev.com/
21 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
24a6e87d2195ca693096898ce89596c39b3174440a64101d90595b12590dbfd7

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
8523d0cc8f2a1a6b-FRA
content-encoding
gzip
content-type
text/html
date
Thu, 08 Feb 2024 12:18:30 GMT
last-modified
Thu, 01 Feb 2024 12:47:39 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

CF-RAY
8523d0cb9cec2c42-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Thu, 08 Feb 2024 12:18:30 GMT
Expires
Thu, 08 Feb 2024 13:18:30 GMT
Location
https://card-selection-ua.pu707ev.com/
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
main.css
card-selection-ua.pu707ev.com/ 		26 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://card-selection-ua.pu707ev.com/main.css
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5271f599defaf996a6996e7010a9cab53d8fc30e5304e68e138aa2932f454b91

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 12:47:39 GMT
server
cloudflare
age
5104
etag
W/"65bb92eb-6740"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=14400
cf-ray
8523d0ccffd21a6b-FRA
logo_casino_ua.svg
card-selection-ua.pu707ev.com/img/logo/ 		9 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://card-selection-ua.pu707ev.com/img/logo/logo_casino_ua.svg
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c0da822bb8b46abe6be1db3368c5f10c763d108231f03cd62607784f922638d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 12:47:33 GMT
server
cloudflare
age
5104
etag
W/"65bb92e5-2200"
vary
Accept-Encoding
content-type
image/svg+xml
cache-control
max-age=14400
cf-ray
8523d0ccffd71a6b-FRA
title-freespins.png
card-selection-ua.pu707ev.com/img/titles/ 		27 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://card-selection-ua.pu707ev.com/img/titles/title-freespins.png
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0cb85610cb4dc1870e4f56cb1220c87673372c8277e8c544b68bbd1022011776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 12:47:33 GMT
server
cloudflare
age
5104
etag
W/"65bb92e5-6d63"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
cf-ray
8523d0ccffdd1a6b-FRA
title-bonus-ua.png
card-selection-ua.pu707ev.com/img/titles/ 		62 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://card-selection-ua.pu707ev.com/img/titles/title-bonus-ua.png
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2c95f8757d51965b557a4ec76c7d01c8900f96fe434d9ef451cbc72dd330e8e1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 12:47:32 GMT
server
cloudflare
age
3592
etag
W/"65bb92e4-f882"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
cf-ray
8523d0cd0fed1a6b-FRA
title-bonus-mob-ua.png
card-selection-ua.pu707ev.com/img/titles/ 		16 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://card-selection-ua.pu707ev.com/img/titles/title-bonus-mob-ua.png
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecbed8886c8eefb2c6d885ada7cb8db0019e5a9f40dc8ace11df8831c67cd96d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 12:47:32 GMT
server
cloudflare
age
5104
etag
W/"65bb92e4-3f2e"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
cf-ray
8523d0cd0ff01a6b-FRA
enterprise.js
www.google.com/recaptcha/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise.js?render=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
16753572ff44dc0eef0153f0ad2fd068e6eb2c1208a4fc0ca90690b23047f1fb
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 08 Feb 2024 12:18:30 GMT
bundle.js
card-selection-ua.pu707ev.com/ 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://card-selection-ua.pu707ev.com/bundle.js
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
479754b49bda76ee1836d91eb4e6fd1fc2c6df2a1665002713376ec5390803cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 12:47:30 GMT
server
cloudflare
age
5104
etag
W/"65bb92e2-13119"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=14400
cf-ray
8523d0cd0ff21a6b-FRA
gtm.js
www.googletagmanager.com/ 		196 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-K9NGKJ6
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
904e49177d3fec5badabe5ef474c2873b62ed16bfc1163b0884fdf978f33663f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
71014
x-xss-protection
0
last-modified
Thu, 08 Feb 2024 12:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 08 Feb 2024 12:18:30 GMT
fp.js
fs.pudaf.com/ 		395 KB
73 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fs.pudaf.com/fp.js
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.170.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a2da0dd4fa34dc47696812f9a5547f2b8776e2072d697f0b1d1682b419892852

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
last-modified
Tue, 23 Jan 2024 12:40:22 GMT
etag
W/"65afb3b6-62df7"
content-type
application/javascript
background.jpg
card-selection-ua.pu707ev.com/img/ 		71 KB
72 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://card-selection-ua.pu707ev.com/img/background.jpg
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e81c49cbf6ae424e247cc22a9fbea3acae4820b4af6b111136d4f0ac2d0b7be5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
cf-cache-status
HIT
cf-bgj
h2pri
last-modified
Thu, 01 Feb 2024 12:47:33 GMT
server
cloudflare
age
3591
etag
W/"65bb92e5-11db1"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=14400
cf-ray
8523d0cd48451a6b-FRA
card.png
card-selection-ua.pu707ev.com/img/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://card-selection-ua.pu707ev.com/img/card.png
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/main.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f864532f0e31e5f150df222aeecd2428c266f84e6540561f5aed999f168d154c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/main.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 12:47:31 GMT
server
cloudflare
age
4916
etag
W/"65bb92e3-233a"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
cf-ray
8523d0cd484d1a6b-FRA
recaptcha__de.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ 		493 KB
197 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise.js?render=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://card-selection-ua.pu707ev.com/
Origin
https://card-selection-ua.pu707ev.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200774
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Feb 2025 10:26:21 GMT
ukraine.png
card-selection-ua.pu707ev.com/img/country/ 		103 B
207 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://card-selection-ua.pu707ev.com/img/country/ukraine.png
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7857676d2ce89c1c210fc95d93c194d7057ecafbcee7fd4afcd365eb7f765416

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
cf-cache-status
HIT
last-modified
Thu, 01 Feb 2024 12:47:35 GMT
server
cloudflare
age
5935
etag
"65bb92e7-67"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
8523d0cde9411a6b-FRA
content-length
103
main.js
card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/ Frame FCC1
Redirect Chain
  • https://card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
  • https://card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0139ccdb0f387809d74995175f4b7ce2e0fec0feca901473ec0990bb58d7975b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cloudflare
vary
accept-encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
8523d0ce6a061a6b-FRA

Redirect headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
gzip
server
cloudflare
vary
accept-encoding
access-control-allow-origin
*
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/ea25f566/main.js
cache-control
max-age=300, public
cf-ray
8523d0ce19921a6b-FRA
js
www.googletagmanager.com/gtag/ 		252 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-ZEMNLVRX5B&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K9NGKJ6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a3d1c0c572c217d26e1c53805c341533f0c6e9bd2e892f6acf0508a5023cdc6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:30 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
88492
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 08 Feb 2024 12:18:30 GMT
8523d0cc8f2a1a6b
card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/h/g/jsd/r/ Frame FCC1 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/h/g/jsd/r/8523d0cc8f2a1a6b
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/cdn-cgi/challenge-platform/scripts/jsd/main.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:d54 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/json

Response headers

date
Thu, 08 Feb 2024 12:18:31 GMT
content-encoding
gzip
server
cloudflare
cf-ray
8523d0d01cd21a6b-FRA
content-type
text/plain; charset=UTF-8
anchor
www.google.com/recaptcha/enterprise/ Frame 3202 		45 KB
28 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f8d0ffb0f306f8a79fe7e4304b8a4353e23b24f671e0395bc0aea7f9ba97ace7
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-rEKHLf_GM2yhMe6qVG3hvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://card-selection-ua.pu707ev.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-rEKHLf_GM2yhMe6qVG3hvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 12:18:31 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
collect
region1.google-analytics.com/g/ 		0
263 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-ZEMNLVRX5B&gtm=45je4250v893553467z8893139893za200&_p=1707394710541&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=583075001.1707394711&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707394711&sct=1&seg=0&dl=https%3A%2F%2Fcard-selection-ua.pu707ev.com%2F&dt=10%20000%20UAH%20%D0%BD%D0%B0%20%D0%BF%D0%B5%D1%80%D1%88%D0%B8%D0%B9%20%D0%B4%D0%B5%D0%BF%D0%BE%D0%B7%D0%B8%D1%82!&en=page_view&_fv=1&_nsi=1&_ss=1&ep.timestamp=2024-02-08T13%3A18%3A30.771%2B01%3A00&ep.gtm_version=GTM-K9NGKJ6%20%7C%20v.%205&up.clientId=&tfd=836
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-ZEMNLVRX5B&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:31 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://card-selection-ua.pu707ev.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
styles__ltr.css
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 3202 		55 KB
24 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:12:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
358
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24606
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Feb 2025 12:12:33 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/ Frame 3202 		493 KB
196 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 10:26:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6730
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
200774
x-xss-protection
0
last-modified
Mon, 05 Feb 2024 05:00:25 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Feb 2025 10:26:21 GMT
zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js
www.google.com/js/bg/ Frame 3202 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/js/bg/zftWH1OehvU7cp4CwShG1rGJcDUeSLUwVTlpfhapoYQ.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 00:00:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
44284
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6922
x-xss-protection
0
last-modified
Mon, 15 Jan 2024 10:00:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 07 Feb 2025 00:00:27 GMT
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 3202 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/x5WWoE57Fv0d6ATKsLDIAKnt/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 19:56:54 GMT
x-content-type-options
nosniff
age
231697
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
expires
Mon, 12 Feb 2024 19:56:54 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3202 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Mon, 05 Feb 2024 05:31:50 GMT
x-content-type-options
nosniff
age
283601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 04 Feb 2025 05:31:50 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 3202 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Tue, 06 Feb 2024 09:09:14 GMT
x-content-type-options
nosniff
age
184157
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 05 Feb 2025 09:09:14 GMT
webworker.js
www.google.com/recaptcha/enterprise/ Frame 3202 		102 B
135 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/enterprise/webworker.js?hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/enterprise/anchor?ar=1&k=6LfVBbEcAAAAAGE5MyjJ9RaZpnhVRSVkoxla-ELn&co=aHR0cHM6Ly9jYXJkLXNlbGVjdGlvbi11YS5wdTcwN2V2LmNvbTo0NDM.&hl=de&v=x5WWoE57Fv0d6ATKsLDIAKnt&size=invisible&cb=w5n3jp3uyj3e
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
frame-ancestors 'self'
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
expires
Thu, 08 Feb 2024 12:18:31 GMT
ld.js
dynamic.criteo.com/js/ld/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dynamic.criteo.com/js/ld/ld.js?a=103828
Requested by
Host: card-selection-ua.pu707ev.com
URL: https://card-selection-ua.pu707ev.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
828923d3bcb621f5c84881e38fef50fa25943b22d38fa5c8a8fdd826fa74a554
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:31 GMT
content-encoding
br
strict-transport-security
max-age=31536000; preload;
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public,max-age=10800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
syncframe
gum.criteo.com/ Frame A3FC 		14 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=card-selection-ua.pu707ev.com&origin=onetag
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=103828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://card-selection-ua.pu707ev.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 08 Feb 2024 12:18:31 GMT
server
Kestrel
server-processing-duration-in-ticks
369244
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
x-robots-tag
noindex
sid
mug.criteo.com/ Frame A3FC
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=onetag&domain=pu707ev.com&sn=ChromeSyncframe&so=0&topUrl=card-selection-ua.pu707ev.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=V6n3S3xIMnJ3UW8vTUY5T0Jyb2tuSTBjclJ3N3ozZkNyditxV0k2QnZzeTBqZlppQ0U2anBNUUwrNktkaTVHVHVIVzNRc29QVDQvMm9CbGVmdXk1aHBDaWYrTUJ4K3lHbE9YV1dXcGxjNi9tUTBYS09mRUNrUjcrQ2U0c2...
446 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=V6n3S3xIMnJ3UW8vTUY5T0Jyb2tuSTBjclJ3N3ozZkNyditxV0k2QnZzeTBqZlppQ0U2anBNUUwrNktkaTVHVHVIVzNRc29QVDQvMm9CbGVmdXk1aHBDaWYrTUJ4K3lHbE9YV1dXcGxjNi9tUTBYS09mRUNrUjcrQ2U0c2hqL0lPckxXcHdGWEg4eEExSVJ5KzVTT3VMY2hmZVU1dm1ycDJLUzNCZUxhQS84U1dYWlB3TU1OWDZ1VEZTbkNQTk8wOTZLaVF4bit2TmNwUW1TeEJNelJFNVY1VkZJM2hFRitVL3N2TXRBaldTYVBnWG50dVJkOFhwaEcvaGxhMVR3cFlIdzFTNFRGcDE0eWxNTGJCa21TQjhpL05vUT09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e65541a6f476a9f0a9c0f0d128c2906879917046fe137428d6580d17cea70469
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:31 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1083268
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=V6n3S3xIMnJ3UW8vTUY5T0Jyb2tuSTBjclJ3N3ozZkNyditxV0k2QnZzeTBqZlppQ0U2anBNUUwrNktkaTVHVHVIVzNRc29QVDQvMm9CbGVmdXk1aHBDaWYrTUJ4K3lHbE9YV1dXcGxjNi9tUTBYS09mRUNrUjcrQ2U0c2hqL0lPckxXcHdGWEg4eEExSVJ5KzVTT3VMY2hmZVU1dm1ycDJLUzNCZUxhQS84U1dYWlB3TU1OWDZ1VEZTbkNQTk8wOTZLaVF4bit2TmNwUW1TeEJNelJFNVY1VkZJM2hFRitVL3N2TXRBaldTYVBnWG50dVJkOFhwaEcvaGxhMVR3cFlIdzFTNFRGcDE0eWxNTGJCa21TQjhpL05vUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
314603
content-length
0
expires
0
event
sslwidget.criteo.com/ 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=103828&v=5.21.0&otl=1&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=3Qx8Tl9SeWVjOSUyRk51SUczYjdtQXNlWU1ienNTMHhJQmNDZE5TVHpYJTJCak9FT3NnODZyMTJEYXZyR1VoYlpZM2hoeiUyRnBlZGRDOGFVbFhlbSUyRjVHQjV1SjNzZTcxdCUyRiUyRmhodUkwQ3U0MFdJJTJCTVBoWHA0Y3FjZXFlZDJXTSUyQkw4OVFpYmxocVlHT3pCYlJReVg0bWxtJTJGWjViNG1xeXclM0QlM0Q&tld=pu707ev.com&dy=1&fu=https%253A%252F%252Fcard-selection-ua.pu707ev.com%252F&ceid=1305e8ea-ce50-4afc-ac56-6476540f6f96&dtycbr=20745
Requested by
Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=103828
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1a010781794707ec04b64cb3745c4dd22ca48463c351a7ffbfe73723d81f169f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:31 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
9379439
timing-allow-origin
*
expires
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 2BED
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_cm&google_hm=ay01YTZGTDUxZFY4TGR0OW1WelI1aHRWaWN5TTBzMlR0Y...
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_cm=&google_hm=ay01YTZGTDUxZFY4TGR0OW1WelI1aHRWaWN5TTBzMlR...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_gid=CAESEK3SJKgrv1mk35OPFJQSXoY&google_cver=1&google_ula=913071,0
43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_gid=CAESEK3SJKgrv1mk35OPFJQSXoY&google_cver=1&google_ula=913071,0
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
634684
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-5a6FL51dV8Ldt9mVzR5htVicyM0s2TtbM5HipQ&google_gid=CAESEK3SJKgrv1mk35OPFJQSXoY&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 2BED 		43 B
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=46&user_id=k-zBtCM51dV8Ldt9mVzR5htVicyM2reqNqtUXn4A&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
91.149.214.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 12:18:32 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 2BED
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6891987578594085244
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6891987578594085244
Protocol
H2
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:31 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1011663
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
an-x-request-uuid
eac6f666-7c18-4242-9e5f-eb63edd8f946
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6891987578594085244
x-proxy-origin
80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 2BED 		53 B
751 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-XU4yO51dV8Ldt9mVzR5htVicyM2GlAkv60d7mQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-20-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 08 Feb 2024 12:18:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
alt-svc
h3=":443"; ma=93600
content-length
53
x-mnet-hl2
E
expires
Thu, 08 Feb 2024 12:18:32 GMT
tap.php
pixel.rubiconproject.com/ Frame 2BED 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-hwLgYJ1dV8Ldt9mVzR5htVicyM24M4XUl-ldHQ&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3db54fddb1cb324ce2cdd5a6ec3dc2dd
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
/
rtb-csync.smartadserver.com/redir/ Frame 2BED 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-lUZolp1dV8Ldt9mVzR5htVicyM1Zu3vij3dA1Q
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.196.111.72 Lille, France, ASN16276 (OVH, FR),
Reverse DNS
ip72.ip-5-196-111.eu
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
transfer-encoding
chunked
content-type
image/gif
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 2BED 		0
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-M2UuuZ1dV8Ldt9mVzR5htVicyM1TdK9ZkMa8tQ
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
41415
um
criteo-sync.teads.tv/ Frame 2BED 		23 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-a40L251dV8Ldt9mVzR5htVicyM1Pwtw5hDZBmQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.19.85.30 Düsseldorf, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-19-85-30.deploy.static.akamaitechnologies.com
Software
pekko-http/1.0.0 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires
Thu, 08 Feb 2024 12:18:32 GMT
pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
cache-control
max-age=0, no-cache, no-store
server
pekko-http/1.0.0
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 2BED 		37 B
140 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2711&xuid=k-tPueHZ1dV8Ldt9mVzR5htVicyM3tpnW9BSL7gA&dongle=013b
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
cksync.php
hb.yahoo.net/ Frame 2BED 		52 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hb.yahoo.net/cksync.php?cs=1&type=58301&ovsid=k-O7vLRp1dV8Ldt9mVzR5htVicyM2Au-NxnBa1DA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.110.65 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a88-221-110-65.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains, max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Thu, 08 Feb 2024 12:18:32 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
52
x-mnet-hl2
E
expires
Thu, 08 Feb 2024 12:18:32 GMT
pixel
cm.adform.net/ Frame 2BED 		43 B
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-liZZSZ1dV8Ldt9mVzR5htVicyM3nyS62K5Walw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.230 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
last-modified
Thu, 26 Oct 2023 07:49:04 GMT
server
nginx
accept-ranges
bytes
etag
"653a19f0-2b"
content-length
43
content-type
image/gif
sync
visitor.omnitagjs.com/visitor/ Frame 2BED 		49 B
342 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-LUKTGZ1dV8Ldt9mVzR5htVicyM0fSizOGVcQOQ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.153 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
p3p
CP="CAO PSA OUR"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
2
content-length
49
expires
0
rum
r.casalemedia.com/ Frame 2BED
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W3t7rp1dV8Ldt9mVzR5htVicyM14tnDpVOw8JQ
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W3t7rp1dV8Ldt9mVzR5htVicyM14tnDpVOw8JQ&C=1
43 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-W3t7rp1dV8Ldt9mVzR5htVicyM14tnDpVOw8JQ&C=1
Protocol
H2
Server
104.18.36.155 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PhyEmGHdQWW2Kr2uBoUlMMtDxWqkmAXzQ2q2uU8Af1Qa77Di71oX90lgdkjaZNgmd64JigKgtKOMtcRRPAOM3SLKXtZxISabf0BPV8cN8PESUSpdV8TLMJ4klr60lUMMb519"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
8523d0d95b3a453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Va%2BbqVKDgsMM6HJ6yVmXGvtHGIwJp6k6FLtHrXttc5KQsMpXRh6rCKbyTCW%2F0MA0jCW4QOdsOesTD5tK14%2BbmgSdyiWD%2BuPwUmcZLuLoAbNEyCrX7l3nZwuZ1IFySqupKOkf"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
/rum?cm_dsp_id=20&external_user_id=k-W3t7rp1dV8Ldt9mVzR5htVicyM14tnDpVOw8JQ&C=1
cache-control
no-cache
cf-ray
8523d0d8da35453a-TXL
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
demconf.jpg
dpm.demdex.net/ Frame 2BED
Redirect Chain
  • https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
  • https://dpm.demdex.net/ibs:dpid=28645&dpuuid=nTZkyFqoiXLnDzqs0DkkdEl54bFbW3VS
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nTZkyFqoiXLnDzqs0DkkdEl54bFbW3VS
42 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nTZkyFqoiXLnDzqs0DkkdEl54bFbW3VS
Protocol
H2
Server
18.203.3.59 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-3-59.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

dcs
dcs-prod-irl1-1-v054-0d3e12a4c.edge-irl1.demdex.com 3 ms
pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-encoding
gzip
x-tid
gKCilXi/Tws=
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
59
expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

dcs
dcs-prod-irl1-1-v054-037a2ac12.edge-irl1.demdex.com 0 ms
pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-tid
vODUJRpDRRM=
p3p
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=nTZkyFqoiXLnDzqs0DkkdEl54bFbW3VS
cache-control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 UTC
9.gif
id5-sync.com/s/966/ Frame 2BED 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/s/966/9.gif?puid=k-KfByQJ1dV8Ldt9mVzR5htVicyM0yOEPDBbcStg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Thu, 08 Feb 2024 12:18:32 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p
CP="CAO PSA OUR"
match
ad.360yield.com/ Frame 2BED 		43 B
199 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-Ef4EWp1dV8Ldt9mVzR5htVicyM345NVFpVqIIw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.77.245.236 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-245-236.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 08 Feb 2024 12:18:32 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
sync
matching.ivitrack.com/ Frame 2BED 		42 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://matching.ivitrack.com/sync?realm=criteo&uid=k-5dIkxp1dV8Ldt9mVzR5htVicyM0j5m0d0Jj6tw
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
22.157.117.34.bc.googleusercontent.com
Software
istio-envoy /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
x-envoy-decorator-operation
tag-manager.programmatic.svc.cluster.local:3000/*
via
1.1 google
server
istio-envoy
content-type
image/gif
cache-control
public, max-age=86400
x-envoy-upstream-service-time
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 2BED 		0
880 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-RUnyCJ1dV8Ldt9mVzR5htVicyM1CV285Xe_uEw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.59.154 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-59-154.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
1017
jadserve.postrelease.com/suid/ Frame 2BED 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/suid/1017?vk=k-J4gnpZ1dV8Ldt9mVzR5htVicyM0dzuB9FoGnpA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.162.162.179 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-162-162-179.us-west-2.compute.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
cookie-sync
sync.outbrain.com/ Frame 2BED 		0
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-W31Z_51dV8Ldt9mVzR5htVicyM1hOGkMMkuZZA&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.202.112.255 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date
Thu, 08 Feb 2024 12:18:32 GMT
Cache-Control
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
X-TraceId
13b04126d34a098e16cbb56270742d30
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 2BED 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-n_nNEJ1dV8Ldt9mVzR5htVicyM0USraF0HYFZg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.205 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Thu, 08 Feb 2024 12:18:31 GMT
cache-control
no-store, no-cache, private
content-encoding
gzip
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
v1
match.sharethrough.com/sync/ Frame 2BED 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-oUAkLZ1dV8Ldt9mVzR5htVicyM35kgAaUWqNFQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.191.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-191-31.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
sync
criteo-partners.tremorhub.com/ Frame 2BED 		43 B
398 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-partners.tremorhub.com/sync?UICR=k-xyDN1Z1dV8Ldt9mVzR5htVicyM0pcdkwOIZPNA
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:612b:4264:c31d:e2c0:922a:b714 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date
Thu, 08 Feb 2024 12:18:32 GMT
server
nginx
content-type
image/gif
m
ad.yieldlab.net/ Frame 2BED 		0
235 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.yieldlab.net/m?dt_id=8664&ext_id=k-pVywR51dV8Ldt9mVzR5htVicyM37pqa7s8TfKg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 08 Feb 2024 12:18:32 GMT
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Expires
Wed, 07 Feb 2024 12:18:32 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 2BED 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-hPr1A51dV8Ldt9mVzR5htVicyM0t2ZCc1RQn7w&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.110.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-110-33.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
content-length
0
put
e1.emxdgt.com/ Frame 2BED 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e1.emxdgt.com/put?d=d53&uid=k-YXBdFp1dV8Ldt9mVzR5htVicyM0PAOxBjjUoSw
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.199.8 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-199-8.eu-central-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
server
awselb/2.0
setuid
ib.adnxs.com/ Frame 2BED 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=52&code=k-7RVlUJ1dV8Ldt9mVzR5htVicyM2X_rORHKFV-Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.123 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.23.4 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 08 Feb 2024 12:18:32 GMT
an-x-request-uuid
603f119c-cc1f-433e-b2b4-0ffb9acb0984
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
image/gif
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.104; 80.255.7.104; 868.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
content-length
43
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch.gif
beacon.krxd.net/ Frame 2BED
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=15qES8Hhq8iRqG-xXuf8S8WCw3oR6_iC
0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=15qES8Hhq8iRqG-xXuf8S8WCw3oR6_iC
Protocol
H2
Server
18.203.91.219 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-203-91-219.eu-west-1.compute.amazonaws.com
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:32 GMT
server
awselb/2.0

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=15qES8Hhq8iRqG-xXuf8S8WCw3oR6_iC
date
Thu, 08 Feb 2024 12:18:32 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
705705
content-length
0
9363765e-5296-481e-ae71-abc404766e99
f.pudaf.com/p/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/9363765e-5296-481e-ae71-abc404766e99?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=9363765e-5296-481e-ae71-abc404766e99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.170.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://card-selection-ua.pu707ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Thu, 08 Feb 2024 12:18:33 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
9363765e-5296-481e-ae71-abc404766e99
f.pudaf.com/p/ 		21 B
733 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/9363765e-5296-481e-ae71-abc404766e99?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=9363765e-5296-481e-ae71-abc404766e99
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.170.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60

Request headers

Accept
application/json, text/html, text/plain
Referer
https://card-selection-ua.pu707ev.com/
If-None-Match
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/octet-stream

Response headers

date
Thu, 08 Feb 2024 12:18:33 GMT
last-modified
Thu, 08 Feb 2024 12:16:53 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
65c4c699ba18848391b4db80
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
21
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://card-selection-ua.pu707ev.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date
Thu, 08 Feb 2024 12:18:33 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51247
x-xss-protection
0
server
cafe
etag
7910318051332183561
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Thu, 08 Feb 2024 12:18:33 GMT
2451837e-cebc-43ea-9993-6d2a16989017
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/2451837e-cebc-43ea-9993-6d2a16989017
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
9658b525-4feb-4241-bdb2-8e4d936a01e3
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/9658b525-4feb-4241-bdb2-8e4d936a01e3
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
2c26a5fa-16d2-43fd-914b-62d27976a848
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/2c26a5fa-16d2-43fd-914b-62d27976a848
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
3efaeab9-26d6-4382-86be-ab9ecebb05af
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/3efaeab9-26d6-4382-86be-ab9ecebb05af
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
8e980f26-a1fc-45f7-b9a3-c4da1ad14b15
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/8e980f26-a1fc-45f7-b9a3-c4da1ad14b15
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
0381d030-11bd-416b-b8f0-0ac6fb578cce
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/0381d030-11bd-416b-b8f0-0ac6fb578cce
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
6582af79-89ff-44de-8006-06cf33b20fdd
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/6582af79-89ff-44de-8006-06cf33b20fdd
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
bb4b87ce-605d-4850-848c-2cb6550f2bd6
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/bb4b87ce-605d-4850-848c-2cb6550f2bd6
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
5f94dd4c-e709-45c4-9ac3-004d56d3a8d5
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/5f94dd4c-e709-45c4-9ac3-004d56d3a8d5
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
d5d2165d-3254-41bf-9ab7-4e7657124021
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/d5d2165d-3254-41bf-9ab7-4e7657124021
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
4a85bc55-06cc-4d15-8fdb-479c014a3e98
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/4a85bc55-06cc-4d15-8fdb-479c014a3e98
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
2de56a02-7467-49c4-8d4a-410a207951c0
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/2de56a02-7467-49c4-8d4a-410a207951c0
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
34675d13-6329-4c35-9e51-08db942b642d
https://card-selection-ua.pu707ev.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://card-selection-ua.pu707ev.com/34675d13-6329-4c35-9e51-08db942b642d
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Length
419
Content-Type
application/javascript
9363765e-5296-481e-ae71-abc404766e99
f.pudaf.com/p/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/9363765e-5296-481e-ae71-abc404766e99?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=9363765e-5296-481e-ae71-abc404766e99
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.170.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,if-none-match
Access-Control-Request-Method
POST
Origin
https://card-selection-ua.pu707ev.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-headers
Origin,Content-Length,Content-Type,if-none-match
access-control-allow-methods
GET,POST,HEAD,PUT,DELETE,PATCH
access-control-allow-origin
*
access-control-max-age
43200
date
Thu, 08 Feb 2024 12:18:35 GMT
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
9363765e-5296-481e-ae71-abc404766e99
f.pudaf.com/p/ 		21 B
733 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://f.pudaf.com/p/9363765e-5296-481e-ae71-abc404766e99?api=vyg6SLajEWjklRFo1ig1JqhMkSHHpSp3FLYvfzZE&si=9363765e-5296-481e-ae71-abc404766e99
Requested by
Host: fs.pudaf.com
URL: https://fs.pudaf.com/fp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.58.170.73 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-170-73.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60

Request headers

Accept
application/json, text/html, text/plain
Referer
https://card-selection-ua.pu707ev.com/
If-None-Match
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Content-Type
application/octet-stream

Response headers

date
Thu, 08 Feb 2024 12:18:35 GMT
last-modified
Thu, 08 Feb 2024 12:16:55 GMT
accept-ch
sec-ch-ua,ua,sec-ch-ua-platformua-platform,sec-ch-ua-mobile,ua-mobile,sec-ch-ua-full-version,ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-platform-version,ua-platform-version,sec-ch-ua-arch,ua-arch,sec-ch-ua-bitness,ua-bitness,sec-ch-ua-wow64,sec-ch-ua-model,ua-model,sec-ch-lang,lang,sec-ch-save-data,save-data,sec-ch-width,width,sec-ch-viewport-width,viewport-width,sec-ch-viewport-height,viewport-height,sec-ch-dpr,dpr,sec-ch-device-memory,device-memory,sec-ch-rtt,rtt,sec-ch-downlink,downlink,sec-ch-ect,ect,sec-ch-prefers-color-scheme,sec-ch-prefers-reduced-motion,sec-ch-prefers-reduced-transparency,sec-ch-prefers-contrast,sec-ch-forced-colors
etag
65c4c69bba18848391b4dbe2
vary
Origin
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
If-Match,If-Modified-Since,If-None-Match,ETag,Last-Modified
content-length
21

Verdicts & Comments Add Verdict or Comment

31 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| landingConfig object| dataLayer string| afto function| aft object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client undefined| siteLink object| phonePattern object| links object| pageState object| formNotif object| google_tag_manager object| google_tag_data string| afti function| aftUUID function| aftSID function| aftUID function| aftGenSID object| recaptcha object| closure_lm_571261 function| onYouTubeIframeAPIReady object| gaGlobal object| criteo_q object| Criteo

26 Cookies

Domain/Path Name / Value
.pu707ev.com/ Name: __cf_bm
Value: n2oEstrhR0nQRf8uZD7lMIVgakTzVU6iuHrBk5m0RQQ-1707394710-1-AZdumpsHbf0gO0nztgh+oOceguBtl0ZokHp7wOgUqNdKV5aB+7qhMsTLj36VUKfQ+oUZW67Qwx+4VCRaYakAieg=
.pu707ev.com/ Name: _ga
Value: GA1.1.583075001.1707394711
.pu707ev.com/ Name: _ga_ZEMNLVRX5B
Value: GS1.1.1707394711.1.0.1707394711.0.0.0
.pu707ev.com/ Name: cf_clearance
Value: FQqNu.KoQEXCBeZH.jlAmKlRXF_6.aHmXFpAsRkMmg8-1707394711-1-AWsFox2Le9IJyay0SqRyKsmhFS5A6Zcf9EjW0pUIHJym68OSGSuL2aSMbK2Y7qyzVhNxo3zSm6/6gu9VpdWAEcA=
.criteo.com/ Name: uid
Value: 2578ba81-037f-4a27-9ec1-e4370c775eaa
.criteo.com/ Name: receive-cookie-deprecation
Value: 1
.pu707ev.com/ Name: cto_bundle
Value: 3Qx8Tl9SeWVjOSUyRk51SUczYjdtQXNlWU1ienNTMHhJQmNDZE5TVHpYJTJCak9FT3NnODZyMTJEYXZyR1VoYlpZM2hoeiUyRnBlZGRDOGFVbFhlbSUyRjVHQjV1SjNzZTcxdCUyRiUyRmhodUkwQ3U0MFdJJTJCTVBoWHA0Y3FjZXFlZDJXTSUyQkw4OVFpYmxocVlHT3pCYlJReVg0bWxtJTJGWjViNG1xeXclM0QlM0Q
.adnxs.com/ Name: XANDR_PANID
Value: 5sxueBmrq6geppQzwPliTUMbXPjafhiRMq0VP63aG1Lis3siiQx2Q3zNXPyLanyXPOWlvpilKLifhVta6DAyw2HLZDfSALpi2oiwfMYBhHk.
.adnxs.com/ Name: receive-cookie-deprecation
Value: 1
.adnxs.com/ Name: uuid2
Value: 6891987578594085244
.doubleclick.net/ Name: IDE
Value: AHWqTUn8uZvi5fB2O_wY0xTQf_KvK-N_1pCnIk22eEbsNueOq0anAkdu71rbpAvJKiI
.demdex.net/ Name: demdex
Value: 06739372195267405613965881697168335749
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GTsk!:E#!]tbPl@/D!9hy6]/Cwgc0sLfvg>p9idG+4z4/q=ffBF^?25Sngk0mn[fCVgelJ_+]>lhhboI8<S%nugO%v4VB%nofE+<0#Q
.dpm.demdex.net/ Name: dpm
Value: 06739372195267405613965881697168335749
.omnitagjs.com/ Name: ayl_visitor
Value: b93e7f79ec52516a0f6a2c773c43146a
.casalemedia.com/ Name: CMID
Value: ZcTGmDNJLMOo8s1L-z9amQAA
.casalemedia.com/ Name: CMPS
Value: 5286
.casalemedia.com/ Name: CMPRO
Value: 5286
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%222ccf6de0-c67c-11ee-90d4-776bb4cf6119%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%222ccf6de0-c67c-11ee-90d4-776bb4cf6119%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%222ccf6de0-c67c-11ee-90d4-776bb4cf6119%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%222ccf6de0-c67c-11ee-90d4-776bb4cf6119%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-RUnyCJ1dV8Ldt9mVzR5htVicyM1CV285Xe_uEw%22%2C%22version%22%3A%22criteo%22%7D
.tremorhub.com/ Name: tvid
Value: 4714e1ac925047a3a5592b0f7ec7838c
.tremorhub.com/ Name: tv_UICR
Value: k-xyDN1Z1dV8Ldt9mVzR5htVicyM0pcdkwOIZPNA
.postrelease.com/ Name: opt_out
Value: 1

48 Console Messages

Source Level URL
Text
other warning URL: https://fs.pudaf.com/fp.js
Message:
The AudioContext was not allowed to start. It must be resumed (or created) after a user gesture on the page. https://goo.gl/7K7WLu
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.
other warning URL: https://card-selection-ua.pu707ev.com/
Message:
Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
beacon.krxd.net
card-selection-ua.pu707ev.com
cm.adform.net
cm.g.doubleclick.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
f.pudaf.com
fonts.gstatic.com
fs.pudaf.com
gum.criteo.com
hb.yahoo.net
ib.adnxs.com
id5-sync.com
jadserve.postrelease.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
pagead2.googlesyndication.com
pixel.rubiconproject.com
r.casalemedia.com
region1.google-analytics.com
rtb-csync.smartadserver.com
simage2.pubmatic.com
sslwidget.criteo.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
visitor.omnitagjs.com
www.google.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.18.36.155
141.226.228.48
142.250.185.98
162.19.138.117
178.250.1.9
18.195.199.8
18.203.3.59
18.203.91.219
184.30.20.22
185.255.84.153
198.47.127.205
2.19.85.30
2001:4860:4802:34::36
23.35.237.75
2600:1f18:612b:4264:c31d:e2c0:922a:b714
2606:4700:10::6816:c54
2606:4700:10::6816:d54
2a00:1450:4001:811::2008
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2003
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:2638:3::c
2a02:2638:3::e
34.117.157.22
35.162.162.179
35.214.149.91
37.157.2.230
37.252.172.123
5.196.111.72
52.18.110.33
52.28.191.31
52.28.59.154
52.58.170.73
54.77.245.236
64.202.112.255
69.173.144.139
76.223.111.18
88.221.110.65
0139ccdb0f387809d74995175f4b7ce2e0fec0feca901473ec0990bb58d7975b
0cb85610cb4dc1870e4f56cb1220c87673372c8277e8c544b68bbd1022011776
16753572ff44dc0eef0153f0ad2fd068e6eb2c1208a4fc0ca90690b23047f1fb
1a010781794707ec04b64cb3745c4dd22ca48463c351a7ffbfe73723d81f169f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
24a6e87d2195ca693096898ce89596c39b3174440a64101d90595b12590dbfd7
2c95f8757d51965b557a4ec76c7d01c8900f96fe434d9ef451cbc72dd330e8e1
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
479754b49bda76ee1836d91eb4e6fd1fc2c6df2a1665002713376ec5390803cb
4abf9b7abadb46bb07b55d2551254999420515d76e9d5f6542407e892f731d60
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4fe976ce3e57febb0b359569ce54df245fe08132eda2d1362f9f6cb45b4ce4aa
5271f599defaf996a6996e7010a9cab53d8fc30e5304e68e138aa2932f454b91
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5f20338b9aab2f5f33562eb3b0b23d999896ce426cacd2231b4123510571df4e
5f6743903bd9d7ad035a75142c509b67e8831a48487246272bc0751097790d6b
7857676d2ce89c1c210fc95d93c194d7057ecafbcee7fd4afcd365eb7f765416
7859a62e04b0acb06516eb12454de6673883ecfaeaed6c254659bca7cd59c050
828923d3bcb621f5c84881e38fef50fa25943b22d38fa5c8a8fdd826fa74a554
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
904e49177d3fec5badabe5ef474c2873b62ed16bfc1163b0884fdf978f33663f
9d96b2fe2d8d4a398a846ebee84e5e70ec37e0fc613b3e2a5aaa81b1bf2d8470
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2da0dd4fa34dc47696812f9a5547f2b8776e2072d697f0b1d1682b419892852
a3d1c0c572c217d26e1c53805c341533f0c6e9bd2e892f6acf0508a5023cdc6b
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c0da822bb8b46abe6be1db3368c5f10c763d108231f03cd62607784f922638d0
cdfb561f539e86f53b729e02c12846d6b18970351e48b5305539697e16a9a184
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
da38d3e3b25f4bd39761adb2517f234e1b291293d6582e7c58ea5b335f205f38
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e65541a6f476a9f0a9c0f0d128c2906879917046fe137428d6580d17cea70469
e81c49cbf6ae424e247cc22a9fbea3acae4820b4af6b111136d4f0ac2d0b7be5
ecbed8886c8eefb2c6d885ada7cb8db0019e5a9f40dc8ace11df8831c67cd96d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f864532f0e31e5f150df222aeecd2428c266f84e6540561f5aed999f168d154c
f8d0ffb0f306f8a79fe7e4304b8a4353e23b24f671e0395bc0aea7f9ba97ace7
ff9ce35d5fae856bab207c9f8d8eb3dff6354f007ea9f9b9a32f5cc018d52876