www.pua-unemployment-login.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.pua-unemployment-login.com/new_york
Effective URL:
https://www.pua-unemployment-login.com/new_york
Submission: On May 10 via manual (May 10th 2022, 8:44:14 pm UTC) from US — Scanned from DE

Summary HTTP 153 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 31 IPs in 5 countries across 20 domains to perform 153 HTTP transactions. The main IP is 2a06:98c1:3120::a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.pua-unemployment-login.com.
TLS certificate: Issued by E1 on March 19th 2022. Valid for: 3 months.

This is the only time www.pua-unemployment-login.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	2a06:98c1:312... 2a06:98c1:3120::a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:223... 2600:9000:223e:fc00:1e:6a6f:9700:93a1	16509 (AMAZON-02) (AMAZON-02)
6	23.35.237.86 23.35.237.86	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2.22.34.3 2.22.34.3	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
8	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
4 12	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
1	108.157.4.44 108.157.4.44	16509 (AMAZON-02) (AMAZON-02)
2	2600:1f18:e8a... 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
7	70.42.32.63 70.42.32.63	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
3	151.101.14.132 151.101.14.132	54113 (FASTLY) (FASTLY)
1	2600:9000:214... 2600:9000:214f:600:3:7e1c:5b40:93a1	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.117 108.157.4.117	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:225... 2600:9000:2251:0:d:3c0f:bcc0:93a1	16509 (AMAZON-02) (AMAZON-02)
3	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
12	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	130.211.115.4 130.211.115.4	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
21	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2600:9000:224... 2600:9000:224a:0:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
3	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
11	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
153	31

27 2a06:98c1:3120::a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.pua-unemployment-login.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
platform.foremedia.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223e:fc00:1e:6a6f:9700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cnt.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.35.237.86 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-86.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.22.34.3 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-22-34-3.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.44 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-44.dus51.r.cloudfront.net

ob.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

obs.cheqzone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 70.42.32.63 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

log.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mcdp-nydc1.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.14.132 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

odb.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mv.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:600:3:7e1c:5b40:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-117.dus51.r.cloudfront.net

stg.truvidplayer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2251:0:d:3c0f:bcc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s.trvdp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 130.211.115.4 (Council Bluffs, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 4.115.211.130.bc.googleusercontent.com

data.ad-score.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:224a:0:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	criteo.net static.criteo.net — Cisco Umbrella Rank: 621 pix.eu.criteo.net — Cisco Umbrella Rank: 7541 csm.eu.criteo.net — Cisco Umbrella Rank: 7580	99 KB
22	googlesyndication.com a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 130 pagead2.googlesyndication.com — Cisco Umbrella Rank: 95	93 KB
19	pua-unemployment-login.com 1 redirects www.pua-unemployment-login.com	371 KB
12	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1327 widget-pixels.outbrain.com — Cisco Umbrella Rank: 2750 odb.outbrain.com — Cisco Umbrella Rank: 1442 mcdp-nydc1.outbrain.com — Cisco Umbrella Rank: 5708 mv.outbrain.com — Cisco Umbrella Rank: 3326	116 KB
9	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11299 ads.eu.criteo.com — Cisco Umbrella Rank: 7544 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9487	159 KB
8	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 9163	3 KB
8	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 187	184 KB
8	foremedia.net platform.foremedia.net — Cisco Umbrella Rank: 188956	9 KB
7	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 4142 log.outbrainimg.com — Cisco Umbrella Rank: 2136 images.outbrainimg.com — Cisco Umbrella Rank: 1997	55 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 74 www.google.com — Cisco Umbrella Rank: 7	1 KB
4	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3290	70 KB
3	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1382	2 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 175	110 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 37	20 KB
3	cheqzone.com ob.cheqzone.com — Cisco Umbrella Rank: 7839 obs.cheqzone.com — Cisco Umbrella Rank: 5035	20 KB
3	trvdp.com cnt.trvdp.com — Cisco Umbrella Rank: 46884 go.trvdp.com — Cisco Umbrella Rank: 43463 s.trvdp.com — Cisco Umbrella Rank: 45366	187 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 71	106 KB
1	ad-score.com data.ad-score.com — Cisco Umbrella Rank: 5451	739 B
1	truvidplayer.com stg.truvidplayer.com — Cisco Umbrella Rank: 39518	4 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 7678	792 B
153	20

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
19	www.pua-unemployment-login.com	1 redirects www.pua-unemployment-login.com
12	tpc.googlesyndication.com	a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	pix.eu.criteo.net	ads.eu.criteo.com
8	mc.yandex.com	2 redirects www.pua-unemployment-login.com mc.yandex.ru
8	securepubads.g.doubleclick.net	platform.foremedia.net securepubads.g.doubleclick.net www.pua-unemployment-login.com
8	platform.foremedia.net	www.pua-unemployment-login.com platform.foremedia.net
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
5	csm.eu.criteo.net	ads.eu.criteo.com
5	widgets.outbrain.com	www.pua-unemployment-login.com widgets.outbrain.com
4	log.outbrainimg.com	widgets.outbrain.com
4	a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	mc.yandex.ru	2 redirects www.pua-unemployment-login.com
3	cat.fr.eu.criteo.com	ads.eu.criteo.com
3	secure-gl.imrworldwide.com	ads.eu.criteo.com
3	www.google.com	a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com tpc.googlesyndication.com
3	www.googletagservices.com	a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
3	ads.eu.criteo.com	a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
3	rtb.nl.eu.criteo.com	www.pua-unemployment-login.com
3	mcdp-nydc1.outbrain.com	widgets.outbrain.com
3	www.google-analytics.com	www.googletagmanager.com www.pua-unemployment-login.com www.google-analytics.com
2	images.outbrainimg.com	www.pua-unemployment-login.com
2	mv.outbrain.com	widgets.outbrain.com
2	obs.cheqzone.com	ob.cheqzone.com www.pua-unemployment-login.com
2	www.googletagmanager.com	platform.foremedia.net www.googletagmanager.com
1	data.ad-score.com	s.trvdp.com
1	s.trvdp.com	go.trvdp.com
1	stg.truvidplayer.com	go.trvdp.com
1	go.trvdp.com	cnt.trvdp.com
1	odb.outbrain.com	widgets.outbrain.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	ob.cheqzone.com	widgets.outbrain.com
1	widget-pixels.outbrain.com	www.pua-unemployment-login.com
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	cnt.trvdp.com	www.pua-unemployment-login.com
153	36

This site contains links to these domains. Also see Links.

Domain
www.outbrain.com
www.amazon.com

Subject Issuer	Validity	Valid
*.pua-unemployment-login.com E1	`2022-03-19` - `2022-06-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-26` - `2022-06-25`	a year	crt.sh
*.trvdp.com Amazon	`2021-09-24` - `2022-10-23`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.cheqzone.com Amazon	`2022-01-22` - `2023-02-20`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.truvidplayer.com Amazon	`2022-02-07` - `2023-03-07`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.ad-score.com Go Daddy Secure Certificate Authority - G2	`2021-09-02` - `2022-10-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-04-25` - `2022-07-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://www.pua-unemployment-login.com/new_york
Frame ID: 42861DED0121A9862751F694A7298530
Requests: 77 HTTP requests in this frame

Frame: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 91B2D0F219CE2D53DC9A9D9ABB186392
Requests: 1 HTTP requests in this frame

Frame: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 2CE8FF448F21C82A24A1211A1898CBAF
Requests: 9 HTTP requests in this frame

Frame: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 5544A1CA07D94B609AC6EFA4FA20908C
Requests: 10 HTTP requests in this frame

Frame: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 0625FE95E8F23E6227663EFB5BEFFDC4
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBQH_YtWAAE22J3ljAzsktqg5Xy57A&u=%7C2zDItZZ2ZeZ24m4QmPG3qyssz5D0aRUjG3iHGN8VOlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh21D9JdyWuQMCX56wCQsogXi3NiOwllbOTSMbnt9tUz_qpWe2W-jI2OTDdApiPbLKaBqEyJz0z7WKVKSjVgNDNczS0nBpOQnjrtgjRqprGERYvq6Q1lg2BE9OrrW2sneFbjs1dRO36GoHsepNk-j6BLKE2sO__q2fIgx3yfypSO87mn3VfqIFv0RWwyaPRDUaM_0Q2UPTRvK-mF3qEatSogDJpgw5exJ0uxnBdVsY1W_VoSjuohFzRpU-iYKukqHL9zTxYeion-qsnItmuP6Kdw9oeFk0Xriag7S5WimIyod_2C4NuLemd9Rx8WZRwF7V7WjpBvZ357-XgRaNhA7G0AtQ0hrwuqha9w5iGiEcm63Hl0PNvkMeJo140sQMJ-BjiZLvZEj8ZfHx5C9l1i9Ss&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFcDpmM56YpSoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiQJP0IsMxZyv-ttnOMYb9lM48_u906k38tJ3wSmRJUqjCLgt0p2M8aRbYW1cXHEADaTYHSxDBPbptelJ3fJpVPatJtsSUQr3PyfrMa1-dA1RqLLX_6HJh6VoskhV5QTftZh_YWDkdY2-0t8AFALU4LO-X7oUYq4W3a_kCMJzk0S_Rcai9krmlsY01JrHVLG7_aGlek1O8wzQ-S_JTpcnD8YfpQXY28oyJvrVvMq0RpOLPQPuAOIL4esO_iab-URk-6vfnT0SDqAA-ydTddZwEcyb4qnubzoXtLjZsCYlcrXqcxvIKQgUmc1ylLu6SjaGWRG6en7Oa0EnUjOPqn_-m9MAfnl2HB_GKjLZ4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jfbTfcYay-eQAHTQz8emCTJ_0Ag%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: DDC15B9BEF8402DE7F15E9AC70C033B7
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBcH_YtWAAE22Iqr_aCtBpQlYNsfPg&u=%7C2zDItZZ2ZeaqyfWoYxNdNfbqhoZOlO%2F1H8NfV7dRvhY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-BiSE6tqOp4TSHWJrbBq4Zx5EiaZHzu7j7YT2K9a8KlrcWhhIOFgyxfOcEjItwH773XWpBEXHstbggDGIoYt0FNRpRUVSX6Nu4D2v8l7UTWvmQVujuM_fWsEPnMz2tfNlN3Br1KmqsgdFf-e4a_85NWpmUVNGTTgRQUfZHfFjwBB_s4m8s8qWz5ZRoECNV0EX10esXFij8_ANFiMWb5o3MnFtyJlTDsRZ55FNIwWu_bUP_mqJP8C5JfXUwG9pbzVt1kF2CMZ_AoxzcvM3hzs8sgHB8C7Bk70W8-7-Nm9jxyGT59JCpnAgrOTJLeQeB_k2vG7Rjo-UjNwbxmMpMNn_QT4pHdWisqsVXBrp48VXwbRaWbJYuQTiesivOoAe-gXNAP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRljYmM56YpeoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiAJP0MLsBD59Jn1ZfILA_esXLkilV0MgAdh7kvt0Jlhi8scq1adX_julGm0dClqLXE3X50KYnP-u1ogBgyZL6Yv65aJYkdyl5zy59c-iNzL98jwzpRwv-OfEZzTMDlcfSM3UOXOiTA-5V0iAsic3SV2WePzmSB2D5ysAjzz_IYcY-8bA3i8DWtpZ_tNHDWnmAE0e_WUG9wKSCtwMBn1D8AtiIODSncBaO6yF-9FBeyBKRYHri5W3uNtzboU3PYOGfIeP_BIasNYj0x5nn05yNOAO84YcUeP1lwjsJ1GqqScnCmj-J7T7l1oLH1sNZ13eqqbEddpJzpfhhgTElkScNd9OsffDMeAp67PgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2haLB0RHIia1Ytr6QtKvTtShdlMA%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: 0673196ACDFC448C08BCF65C8B19AE2F
Requests: 13 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBIH_YtWAAE22OLakwdm83MgAgEDgQ&u=%7C%2B2ikcAIGH9W5xRZSmRGx%2BLGlta0Chs0ozJudaMWVXT4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA5hKUJQuFTAJdYxleDy0efHbqivfva4psifpQ3Jeczx6benwn03C8roVBBC2aOALaQEpHm5cC_E6kMvmXP9H-FJbq4p6GfB4VBFd8RCjiLxNFOlPn7hzry1Px0X0yoFkUnZPdhXhxBLOhMbHBo1R0oX4SMh3unis5ev-ziz4p9I-UuvdwHevbcAPAGtOJMCGb1STjeNyekFotYBIKKPkPZL5t6iikCd1CmfYCdSg_H73M-5dPLD9XLeZLB70ATnJUrfY_TUWawq-Od-6Gy6cnnkcIKa8WOuWnomgPi0lZYyVVnYzWlKOC9jrj7QeFvo5GxFCchyMGmE2iIKS4Wu8NdZ5nV12XdgWWyshoUQ9DmSJUr19yqr1PLoiUbHp0PgXc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDPSAmM56YpKoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEjgJP0OB1Hn9eFFed6nT_jJwgooD_6iT1WtgB0OK78_rxnQpQ4Ok8vjWy41flDpsFlLDOpO8MyYB_AM_O3Bso6komhrVS0bKnW_UNHkR5frhS4XOELxIBif4qHu3uGBHI-wZGe_O-5soKLY4N0vHKkKKfzri5o2d-EFWbcbX29wrg7khixTN0tc4p1wOc7Axnwc5IP0hlRC9c4sOrImlqOJj8YDAnh1ksf78V8HNb_1EIiuVJ0gSvbJFR61kjDTQgJN1Lbrmgm4HhrbZg-3_IrP4dSl2C7lbSTuceS0O2nh7KKU8VhpFqGcY2gV0TZ-7pGPkzLZ3Z0Sn2l2CTh6da_-mrfoXVltvA5P-AKrQA1qXgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1A8AqOjr4c1qE267pfUFDF27s0yw%26client%3Dca-pub-7011958834410891%26adurl%3D
Frame ID: 6BDFBA6E6E4D28FAE43477945B3B9C35
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 697B7C8A575BD4FECCA3819992B9F8FC
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B9EED28D83837472B2F93826D0E9D77D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Page not found - PUA Unemployment Login

Page URL History Show full URLs

http://www.pua-unemployment-login.com/new_york HTTP 301
https://www.pua-unemployment-login.com/new_york Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
<link[^>]+s\d+\.wp\.com
/wp-(?:content|includes)/

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

153
Requests

98 %
HTTPS

63 %
IPv6

20
Domains

36
Subdomains

31
IPs

5
Countries

1622 kB
Transfer

4195 kB
Size

24
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: https://www.outbrain.com/what-is/default/en
Title: Recommended by

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/goldbox?&_encoding=UTF8&tag=morningdough-20&linkCode=ur2&linkId=addffa3820d795ad48814fb7181eb8e9&camp=1789&creative=9325

Search URL Search Domain Scan URL

URL: https://www.amazon.com/Coupons/b?ie=UTF8&node=2231352011&_encoding=UTF8&tag=morningdough-20&linkCode=ur2&linkId=f770b179aa1c5f37c8dbab4b21375abd&camp=1789&creative=9325

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B00R20MPW2/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B00R20MPW2&linkCode=as2&tag=morningdough-20&linkId=7d94b02402bdd3500a59ca44da8ed8e8

Search URL Search Domain Scan URL

URL: https://www.amazon.com/gp/product/B004GJ6BY0/ref=as_li_tl?ie=UTF8&camp=1789&creative=9325&creativeASIN=B004GJ6BY0&linkCode=as2&tag=morningdough-20&linkId=ead5bcb530e5125f4b2a9dbb36190172

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.pua-unemployment-login.com/new_york HTTP 301
https://www.pua-unemployment-login.com/new_york Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31

https://mc.yandex.ru/watch/87761349 HTTP 302
https://mc.yandex.ru/watch/87761349/1

Request Chain 41

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9634.EAG9rdm4buxnaHLtN6SQwDWCM2Tt04wbvV1nnUxCf-2yZhbOfR9h8wbHo-els4Io.LqjLEIywWLiygVwlxRmpC48AKuk%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9634.rkdfjF_L8epC5V2W3FrlwdR2l-IPpnKJBD451qs2rp3Ekx6ahzafhri0p5AFAgYSb8glao7JlamG0y5wju50oT6AgTqUCy500Q74kyWlARY%2C.rNcxsO_SFIUktc6sVUCuBJ-DM1A%2C

Request Chain 49

https://mc.yandex.com/watch/87761349?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1031%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A57450714872%3Ahid%3A553182969%3Az%3A0%3Ai%3A20220510204408%3Aet%3A1652215448%3Ac%3A1%3Arn%3A44137793%3Arqn%3A1%3Au%3A1652215448646130186%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215446865%3Ads%3A0%2C19%2C764%2C1%2C42%2C0%2C%2C469%2C0%2C%2C%2C%2C1307%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215448%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1031%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A57450714872%3Ahid%3A553182969%3Az%3A0%3Ai%3A20220510204408%3Aet%3A1652215448%3Ac%3A1%3Arn%3A44137793%3Arqn%3A1%3Au%3A1652215448646130186%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215446865%3Ads%3A0%2C19%2C764%2C1%2C42%2C0%2C%2C469%2C0%2C%2C%2C%2C1307%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215448%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29

153 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

404

Primary Request new_york Show response
www.pua-unemployment-login.com/
Redirect Chain

http://www.pua-unemployment-login.com/new_york
https://www.pua-unemployment-login.com/new_york

46 KB
11 KB

784ms
764ms

Document
text/html

2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e16fe4288cd94baf606f7cb6c6ae75c11190d0d3ac08400baf30f7c15e9113b5

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 0
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, must-revalidate, max-age=0
cf-cache-status: DYNAMIC
cf-ray: 709582cf49218ffe-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Tue, 10 May 2022 20:44:07 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Wed, 11 Jan 1984 05:00:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4GRZyzskajsIYPF%2Fx7J3pbXwgu0L2q8wjTXMH1%2FRQuJFxtQHf1Iljw9kNIXbaVqA%2F2A1TSLfsW7rWgs2CDJCK6tD7Ec9Nc3OwT%2FveZfvPDsqg2DTfQ3XlYmf9Yp4x00q2%2BN0M3K8TsmMSZffOS0nNy%2BP6LNMUQ7pX4qC7wc%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: X-Forwarded-Proto,Accept-Encoding
x-cache: MISS

Redirect headers

CF-RAY: 709582cf0e989113-FRA
Cache-Control: max-age=3600
Connection: keep-alive
Date: Tue, 10 May 2022 20:44:06 GMT
Expires: Tue, 10 May 2022 21:44:06 GMT
Location: https://www.pua-unemployment-login.com/new_york
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XA1gxYMvAYUnOnX2JMIDKulFPp8yEsl4ZAGlKuSl7Ca47Or2iWIthE%2FZTumPVlg0xywpMu0agRcjPfxlrqqmhOs8OGjtt5%2BuPcRHe4sfbY%2BHUHxqxwXeB5ODCyCxcS76UJny1UehkKZCoYAdO0Y5Gbb7KrFwMj9gqai9YX8%3D"}],"group":"cf-nel","max_age":604800}
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics Show response
platform.foremedia.net/code/8428/ 1 KB
752 B 143ms
113ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/analytics
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecb02060fbb2cd5a6affe0d185aca6d9227a2c2fc53cd7b5be44ca9b95f2cec5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Fj6%2B8Z6UPjrb18kANAaGScMiRnHsvUhYfON0%2BTqOKuPJWy93WamvRxCCi1r8Gzc%2Bf2hHeuSdxbtuY7OjJXk7WCX7IAzNaHTtl7eVqczJljsg1bG6J8ygvbxuB6RIaCrcDaIS6ICQgki7GGOQFHIemNkFByyw"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 709582d46d75900a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 5681.js Show response
cnt.trvdp.com/js/1319/ 6 KB
2 KB 25ms
8ms Script
application/javascript 2600:9000:223e:fc00:1e:6a6f:9700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cnt.trvdp.com/js/1319/5681.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223e:fc00:1e:6a6f:9700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4257ae7fef496cc1b81dd5e2fab57e8c938400c10b11566bf3a7fe41ff622f5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 24 Nov 2021 17:39:48 GMT
content-encoding: br
last-modified: Wed, 24 Nov 2021 17:29:03 GMT
server: AmazonS3
age: 14439859
etag: W/"067d663d6cf48d47cd216775910d4fbb"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 5519a8cb450b567e8b7111ae986a9b4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
x-amz-cf-id: lpJPBh-1ic75wn9GON1yMZaq_fo0u8PSs9NoZ6xm_lgc5BTPlmllxQ==

GET
H2 200 style.min.css
www.pua-unemployment-login.com/wp-includes/css/dist/block-library/ 81 KB
12 KB 19ms
17ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-includes/css/dist/block-library/style.min.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Sat, 09 Apr 2022 09:46:05 GMT
server: cloudflare
age: 358
etag: W/"625155dd-145db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vVjyIz30tGsmd2SD8ASpHGO%2BZy9DSsWjm%2BhUJraYfeDZCjBzm388%2FessacmvH7GqRKpHvYp1vE3evKksETmT8h%2BdhSXD61CKHbVOpXE%2FCzGZBWtzocQKdAEHbcNxpxiqXcKeF1j6jAN88TISTcr6vMPCFx5%2FYnCUmLz4eEA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709582d4398e8ffe-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 widget-options.css
www.pua-unemployment-login.com/wp-content/plugins/widget-options/assets/css/ 1 KB
669 B 15ms
12ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/widget-options/assets/css/widget-options.css
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358
cf-polished: origSize=1046
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 03 Mar 2022 04:50:58 GMT
server: cloudflare
etag: W/"62204932-416"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GmoayhfJElbH894P%2F05APrf6OUPWyPXIVDbr3J7yiJcu%2Bczi1ImaM9JUF4fMbOmsy%2BwCatofckciTMGNg8PbPqotOSSSb86SRo2oto26aoM3yN%2BuCYi6s0mx882F0zp0kFsF1VQQ0z%2FE%2FGbfx3Jx3gPa87FiefXj93F29RQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 709582d439918ffe-FRA
cf-bgj: minify

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/ 55 KB
11 KB 21ms
19ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/style.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f756dfbe6acaf000051e953483ef0b192ebde398a02a3b02342626d01e19cd2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358
cf-polished: origSize=74854
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-12466"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VdapGQyu3Pc4M%2BHFzVz9eJp4AM8GiEZuEiVGgOcI4t3OVzmhMgZ1KFh9tOx6jSPkTe0clwLseSbf%2FvYwB9WKpFwoF4SLsu6et29BymgjaF8hnplvDnNOTQgwsft26y1a18AqySchdpj7P0v%2BvUHpqsM1o3OThM%2BAbm4nC4s%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 709582d439948ffe-FRA
cf-bgj: minify

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/ 5 KB
2 KB 18ms
16ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/style.css?ver=5.9.3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1acdc2684bd8b7adaff16a3484ffbfb6aba5d5f84c8f3b953b627d964f1dee09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358
cf-polished: origSize=7462
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 05:10:16 GMT
server: cloudflare
etag: W/"623ea038-1d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9EsU3FbPM5iiQj%2FUF3Ki%2B7qZQLrVJ3%2FhVuMo21AA1mxEMefCUt2MLCfzz9zORu5cSm%2BOC7GdNghashbbd0zaMQxUJlWfqQqO1zGLuea%2Ffrjc0DPX00myl5OAu%2FHNnOVtRneqsc1EmqcAI9rPpie9b1zQhS8jkRUzIKfccl0%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 709582d439968ffe-FRA
cf-bgj: minify

GET
H2 200 genericons-vfbebe6833240b44e5b7683d3f72df194cc085824.css
www.pua-unemployment-login.com/wp-content/cache/asset-cleanup/css/item/ 26 KB
16 KB 20ms
18ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/cache/asset-cleanup/css/item/genericons-vfbebe6833240b44e5b7683d3f72df194cc085824.css
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 193af24ee1ee57616c68f47ca4cc71c36fabb05b1afae6d15f4b0e267fc89c82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358
cf-polished: origSize=28594
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 09 May 2022 08:15:21 GMT
server: cloudflare
etag: W/"6278cd99-6fb2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bMTkVDkm0z7LmRsOjG45RBJ6LrtDAd2UZnrYr6KCFvfO20rseSayQBB8fWgcAgFzowBQ796ggX9IGR%2B6MfdI%2FOHGYzaLktatuYNRFx8boDdp6xY7q4xAni2i5pQtWl4ATUIkY02kJOMp3BbLpk4Ly99H2hnaZ7f6epCI7Yo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 709582d439988ffe-FRA
cf-bgj: minify

GET
H2 200 style.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/ 5 KB
2 KB 23ms
22ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen-child/style.css?ver=20201208
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1acdc2684bd8b7adaff16a3484ffbfb6aba5d5f84c8f3b953b627d964f1dee09

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358
cf-polished: origSize=7462
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 26 Mar 2022 05:10:16 GMT
server: cloudflare
etag: W/"623ea038-1d26"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7V%2F5CvL14ij171krPu74gqcl1FCX%2FhfeQfUM3sJxGB%2F%2Fzb3VG%2BifvHFPe2XQ0DHb5ZEsMEnq9m7FFo4VpHsxZ677QXSRUIdkEWWJ%2Fae%2BCut6CKGxdB5VglW%2FLbm0pjnKr1q7RsoCjZnInhYft9P0lbLy%2FrlucgRAVPnipFM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 709582d4399c8ffe-FRA
cf-bgj: minify

GET
H2 200 blocks.css
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/css/ 6 KB
2 KB 18ms
17ms Stylesheet
text/css 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/css/blocks.css?ver=20190102
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6f82e92f570144e5591909c4e61040ac0cbcb1024d0c0acc6a79abf7364d84ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 358
cf-polished: origSize=9246
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-241e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hoWiyHdTzCBheZ1vJe3PImVZbMt%2B%2FabACATKdFCdAhruuAiM71UTrSGiTcgdT1zvqxmwQAfpn%2FuQm4qqEfhUZQzFwhrHPO53SxQu7Mu%2FBAKOiIoB5axjhl8mVQGPmOLHApIS3w4d47xdHIpy78Nm%2FFE%2Bb828Uw4GE4jGM48%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=31536000
cf-ray: 709582d4399d8ffe-FRA
cf-bgj: minify

GET
H3 200 jquery.min.js Show response
www.pua-unemployment-login.com/wp-includes/js/jquery/ 87 KB
32 KB 290ms
289ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.0
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 13 Sep 2021 05:11:34 GMT
server: cloudflare
etag: W/"613edd86-15db1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=v%2BVflNj38ADbjOgPLbaa84HfhzUOAoyDACSAUKJsBr9%2B%2BpznpYXPlUD%2FEGcKaaaSSTw%2BcgQXBDdOGIg6mcjL%2BmVIqhVJmdq%2BmIUAZGRl%2FwkGNlOFJEjK4HBorsREIYPJ2bYw5Y9ukNQra9qO2s8DHZKJtG3g%2FTsFJzllXtc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709582d52e9b6919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 cropped-PUAUnemploymentLogin-logo.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/09/ 4 KB
5 KB 22ms
21ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/09/cropped-PUAUnemploymentLogin-logo.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93fbf26c7da3d17b1d602ee05d91d63af89666e1c7df99fa9ea7656973102c9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 31051
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4036
last-modified: Mon, 27 Sep 2021 05:30:47 GMT
server: cloudflare
etag: "61515707-fc4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zr74nfARSJFVVI423DJ1%2FTRQgN4Z1br55yd61u3njWYim28sjr8%2Bq%2FfGHc1pOKYRPS0e%2BoljGTggVHzB6CgTlfMkFpVx2Yvfyczzfv9m017HvQBR6zOShe2A2TprDrTO8WUDdTNq%2BeuwcgcgFqP05ZWpYb640jBRHPuo3b4%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 709582d52e9d6919-FRA

GET
H2 200 c5 Show response
platform.foremedia.net/code/8428/ 1 KB
1 KB 114ms
110ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/c5
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cccceafbf83aec903f0974b23f6c94fac56cebb332adc6d7fb48f4d957ff6329

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ijl3bPAv3iFFc8HlkvKyDt5pLQOMlxtTeDmoPo1QupQnd9aOvIE%2BZ4%2B%2BOFHxACahXhgZf9u2JaR%2BrV3pkbVHgYqduVeQ3SSKrMatAl9dN%2BqI9FP7zCQEVCfQmN2NRAeHde73ggZ7MU2p5ZrlEo1A8WMObjhD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 709582d46d76900a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 199 KB
69 KB 41ms
16ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b0f5a0cc806846ed2f58fbb2740c4c7ef9ad190e401368493c1442b7dcc9eecd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 08:07:53 GMT
etag: "17-JFnhdNKXF6rpRO6vlr0R3LvmkLE"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
access-control-allow-methods: GET,POST
x-traceid: 81d81e7c99b49e4b194316901885e392
timing-allow-origin: *, *
content-length: 70342

GET
H3 200 c3 Show response
platform.foremedia.net/code/8428/ 1 KB
985 B 303ms
288ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/c3
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da524ab3b63b0729cef49c40106e10fe0f23483c0a761355cbbb7ee3742ccc28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=61tJVbj6au1X3Jzk7xoMuPmlgsZtbsZq%2FJYYT3xbzU0Wg%2Fu8vBs2elMMlRmPsZITOdp%2F2rpQ70npctAsqeSklvvJTaJbphRVWlwBmKsrbdDebP15vdfzgwkGZNk7UiuETnFsO5PQvuoG9Yi4Y7veoA32oQFt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 709582d538025bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 Best-Amazon-Deals.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 55 KB
55 KB 379ms
378ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Best-Amazon-Deals.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dbe6a6b5b64bf6ea1a25fd5aa7c736f971111fa066ba856cde47432d02dc263b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:52 GMT
server: cloudflare
etag: "6072f1d8-daa4"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xiPIA8Z7WMqmG5ZObidrxsTodMVX1vvZ9O44OS2s7%2B6%2BNv2H4hwvRmppfzqJB%2FkTijaHiHKC8NWY%2FZKU%2BLayCe2HcOR%2Fl3Bf9Po7aWNcPyxdcgbqXdOLsGDf9xPGW0MxkjoDP0uZJ1gJl1AsEV8s107JNNyl2mWEoWeB6QA%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 709582d52e9e6919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 55972

GET
H3 200 Best-Amazon-Coupons.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 75 KB
75 KB 344ms
342ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Best-Amazon-Coupons.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e40143e736f525cb284279c368de9f5a44ab9278dba7911c1157d5ec0ba0a810

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:52 GMT
server: cloudflare
etag: "6072f1d8-12bab"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zNP8aF3C8dSPysFv9zCQ5WTXT7Jn0eIgnninMreRWtvOeXYHqvzHCQlR4D0BApRwJ12FV8%2BgJ6TSqj5ZAPltqVwZd7Sjjf%2Bhjr%2FFY1p4aFDEQ96KvTYwrkYacN%2FXqhBmaH51OgtcrWO9Aw9fXRXs4Sm44B%2BkFuuLDAdbAVw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 709582d52e9f6919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 76715

GET
H3 200 Amazon-Prime_Now.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 49 KB
49 KB 372ms
371ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Amazon-Prime_Now.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: df174ce03e6a22ad812e3301fa1cb4c94bb1c8fc36690e4077a958c4446eabb4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:54 GMT
server: cloudflare
etag: "6072f1da-c398"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ttW1dMH25qdxTc40AAjK4%2BjZwluS%2FZnJuNz0nwVGjKMrt4Svn8hoMvgAUM7LpNils83pbyBzk9Asu8e7PtdCObr4aysYpVSk21U6CrjwAbIOO7HOKfeVLox2%2FwvgRphFv3hKpMCCjg2QYHP%2Fgt0SV5hRL5kxQdGoHMbgBa0%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 709582d52ea26919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 50072

GET
H3 200 Audible-audiobooks-podcasts-audio_stories.jpg
www.pua-unemployment-login.com/wp-content/uploads/2021/04/ 56 KB
56 KB 356ms
355ms Image
image/jpeg 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pua-unemployment-login.com/wp-content/uploads/2021/04/Audible-audiobooks-podcasts-audio_stories.jpg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e467b8cb04f6f34bd50fa7f2f15a21d229f4403a8b88b25456219689377819ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
cf-cache-status: MISS
last-modified: Sun, 11 Apr 2021 12:55:54 GMT
server: cloudflare
etag: "6072f1da-df53"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KnYhr4WgtfbAEh3h5XimsmKD3a6AA01GlUeZKa7%2BE6SifdKL%2BAsnzrylFDhYY4K1bdkpKxT5FU7FtuWSZZl1SE06CvUc1JG%2BRDyGoeDaP4LiB8PGS0Y7Ahz57vuzidglTmlFvj%2Bo5kGhNI1bM0hXv4QX%2BiB%2FyH8ZEGDuFH8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
accept-ranges: bytes
cf-ray: 709582d52ea46919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57171

GET
H3 200 skip-link-focus-fix.js Show response
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/ 1 KB
1 KB 191ms
191ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/skip-link-focus-fix.js?ver=20170530
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 04e1f5f3bcc04d296fa4bd24e268a974667ea40eaaeacd747b0865b4595d33ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-447"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=M93zGIRj6P9VBmK7hHYbWMqWwALd79oKYmYb4BfikP1ON9g6mSNuTQa8CCVE7aFEd5tQ8aNN8FDS2U1pLWjDOeWWtgIBpW1qaqPFA%2B5QUZ7XMy3Sys7wqdRsi6ff3TQAojZPyjqnk0hwLenB4zMmx0bxGnN96KaEUmDlvmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709582d51e7f6919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 functions.js Show response
www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/ 7 KB
3 KB 195ms
194ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/themes/twentysixteen/js/functions.js?ver=20181217
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3616341a626ff768304cda8ac64aca4a6552ee71d542f2f5db100605ec798548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Sun, 06 Feb 2022 06:21:36 GMT
server: cloudflare
etag: W/"61ff68f0-1d76"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Ft4ssV6BxSGzEgHTyDM5J2ePH7q8QJ5rwDL8GvJ4AXL0ZbmW3Elm4Ezr4xGlbw2yNPCPwfnmVbhK%2BMHlr61V8LbY1BdNZQ6IIEK2kDkGPriE0W2BHyh1Z0AivRx2bAv%2BBdLMyaGy1Nwb4BS0L4vRPJTJoh%2FBP6siTOp3WdQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709582d52e956919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 gtagv4.js Show response
www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/ 91 KB
35 KB 276ms
275ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 16 Mar 2021 07:37:06 GMT
server: cloudflare
etag: W/"60506022-16ada"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fvYEJ9ZhUoV9kSfGvZdgYTzcRSIhzScibGJaC5I02j7ub4%2BV2sMWo8cv0lbRDcOVqLzGXAyLRjxkRJBTYEDVFtiT7ito4CL2rvXUxusiCoBNbxxvQevE%2B%2B4Zfs83rU94MxCvUYT5UrVKgXEE20w4rJd0UHXE4DhoMN8250A%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709582d52ea66919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 footer_float Show response
platform.foremedia.net/code/8428/ 1 KB
1001 B 123ms
116ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/code/8428/footer_float
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b9b69a3dd2271ada2d50dfe7bfaea402e8ae9d830cd245e34fac2437ca33158d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z%2FhcGOqk3SnTxDVkkGRzqZoDtIylBSCnW0%2B11s1OrxHd0Bw8PZSdOMspbNArmGbDjTYZHL4TEMkA%2BYRD0M%2BxxJVpRDrTyEqeFE9OcJkEEfc7t9tqHUrDX3aPosDGCMuh%2BaFepLi%2Bfx%2B01mun6KBL3rSqZkVp"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 709582d538045bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 lazyload.min.js Show response
www.pua-unemployment-login.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/ 8 KB
3 KB 25ms
24ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.pua-unemployment-login.com/wp-content/plugins/wp-rocket/assets/js/lazyload/17.5/lazyload.min.js
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/new_york
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 06 May 2022 02:56:15 GMT
server: cloudflare
age: 31051
etag: W/"62748e4f-2063"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LY36x%2Fnzr%2BAPxGEndWu0YikFoFIsAza0t7H73WCEXxD2S6NF2et%2FmZ0rApmxT8tUvkz0S6CpXk3rXdF3EHDpjKTrqSgDexAExhjls0XuJJEK5tZBQLFxXh5K2pgKoUFzPnIWe64TQaweVc4IliHYY6VfIexRiPx3JH%2FPjns%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 709582d52ea76919-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 analytics Show response
platform.foremedia.net/getcode/8428/ 8 KB
2 KB 117ms
111ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/analytics
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/analytics
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d637341e9d6d89752d08ae604391544a79e884fcb68c56a617c700b906555b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rICd1QQiGJaYKqBQ4eCZhY7NbCNV8aN7C4VA5N2gddsLNqZtCpGSpcFSKo6ok3LDTKNBvPYZBqDqNCZW5LdDAOnLL6BWzHo3ii%2Fcg9osvd9QDtkkXi3xqAD1RHQ87yRQ2WF64WxUdXd85xNnCoeAQiYGv3%2BJ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 709582d53fff5bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 c5 Show response
platform.foremedia.net/getcode/8428/ 1 KB
860 B 288ms
285ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/c5
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/c5
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc7efc48e5c37e8d392a52637dbdacc1b81c7ba29c8f10cd5a0ddb3cdd3fb180

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8EQaArXyXYM5XPHNID3A%2BE2efZyHnrY7Q9AV15I3RBg%2BxSIJUlLwyC%2BB7zitF5AndtwI%2FECIZRKipYZlskP%2Fg98G4oUB03Cr%2F8kqIPLGoppHSrX%2FHBNJffvxuoFOtsL6ojBiC1YVDyn9NqWg9DwaA8DXXm1F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 709582d538055bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
DATA 200
OK truncated
/ 14 KB
14 KB Font
application/x-font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6

Request headers

Referer
Origin: https://www.pua-unemployment-login.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: application/x-font-woff;charset=utf-8

GET
H/1.1 200
OK d3d3LnB1YS11bmVtcGxveW1lbnQtbG9naW4uY29t Show response
tcheck.outbrainimg.com/tcheck/check/ 15 B
462 B 58ms
18ms XHR
application/json 2.22.34.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3LnB1YS11bmVtcGxveW1lbnQtbG9naW4uY29t
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.34.3 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-34-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Date: Tue, 10 May 2022 20:44:07 GMT
ETag: W/"f-ayLlCL3PuzXSThdu78iReSEjl6Y"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=30859
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: a7a6e7adb8215d5261c4e854f96a81d8
Content-Length: 15
Expires: Wed, 11 May 2022 05:18:26 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 18ms
17ms Image
image/gif 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:07 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Thu, 09 Jun 2022 20:44:07 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
38 KB 135ms
49ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8428/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

807d88ecc70a2cc1190dcd8e5f797138310a11e36f89f12bb4d71dda8cce0eec

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38877
x-xss-protection: 0
last-modified: Tue, 10 May 2022 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 10 May 2022 20:44:08 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 155ms
63ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: platform.foremedia.net
URL: https://platform.foremedia.net/getcode/8428/analytics

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f63c6de989281851ed59dfa1c06a7eecd4ab37f89453a7dd89150a2e1b8be469

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28409
x-xss-protection: 0
server: sffe
etag: "1211 / 363 of 1000 / last-modified: 1652204103"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 10 May 2022 20:44:08 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 202 KB
69 KB 154ms
51ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-1149e"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 70814
expires: Tue, 10 May 2022 21:44:08 GMT

GET
H2

200

1
mc.yandex.ru/watch/87761349/
Redirect Chain

https://mc.yandex.ru/watch/87761349
https://mc.yandex.ru/watch/87761349/1

43 B
83 B

61ms
61ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/watch/87761349/1

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Tue, 10-May-2022 20:44:08 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:44:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Tue, 10-May-2022 20:44:08 GMT
strict-transport-security: max-age=31536000
location: /watch/87761349/1
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:44:08 GMT

GET
H2 200 placement_invocation Show response
ob.cheqzone.com/ 48 KB
18 KB 48ms
10ms Script
text/javascript 108.157.4.44
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.44 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-44.dus51.r.cloudfront.net
Software: Caddy /
Resource Hash: 55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 17:34:14 GMT
content-encoding: gzip
server: Caddy
age: 11394
etag: "bf83-flSXooGsmrmYNlxSK09toJAtNHc"
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 8080d8bfc581f6befaaa7736f6d0003e.cloudfront.net (CloudFront)
cache-control: max-age=43200
x-amz-cf-pop: DUS51-P2
content-length: 18458
x-amz-cf-id: 8LcclcfjDSlinWH7JV5arkPfGL1xVqmX5NwKjtQnt9MihmnQpUqOTg==
expires: Wed, 11 May 2022 05:34:14 GMT

GET
H2 200 show_pla Show response
obs.cheqzone.com/ 2 KB
2 KB 356ms
126ms Script
text/javascript 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://obs.cheqzone.com/show_pla?id=65349&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&sf=0&k=&idx=0&ch=&ext=&np=linux%20x86_64&nv=google%20inc.&rand=24700902196096028625902631721525140901105108092611550585620914008257&nc=0&tsf=0&tsfmi=&pv=0&cb=1652215448102&ref=&pit=1&hl=2&op=0&fs=1600x1200&ss=1600x1200&pre=0&jsonp=OBR.extern.onCheqResponse&mr=&ag=1738489652&at=&bid=e30%3D&di=W1siZWYiLDM4MTFdLFsxMiwie1wiY3R4XCI6XCJ3ZWJnbDJcIixcInZcIjpcImdvb2dsZSBpbmMu%0D%0AIChnb29nbGUpXCIsXCJyXCI6XCJhbmdsZSAoZ29vZ2xlLCB2dWxrYW4gMS4yLjAgKHN3aWZ0c2hh%0D%0AZGVyIGRldmljZSAoc3ViemVybykgKDB4MDAwMGMwZGUpKSwgc3dpZnRzaGFkZXIgZHJpdmVyKVwi%0D%0ALFwic2x2XCI6XCJ3ZWJnbCBnbHNsIGVzIDMuMDAgKG9wZW5nbCBlcyBnbHNsIGVzIDMuMCBjaHJv%0D%0AbWl1bSlcIixcImd2ZXJcIjpcIndlYmdsIDIuMCAob3BlbmdsIGVzIDMuMCBjaHJvbWl1bSlcIixc%0D%0AImd2ZW5cIjpcIndlYmtpdFwiLFwiYmVuXCI6NixcIndnbFwiOjEsXCJncmVuXCI6XCJ3ZWJraXQg%0D%0Ad2ViZ2xcIixcInNlZlwiOjEwNTE2OTQwODksXCJzZWNcIjpcIlwifSJdLFstMSwiLSJdLFstMiwi%0D%0ANixlWUc5WDEvWDF0WmxTMjJkNTF4OFlOWTlNeEpRRU1DZFVCSEpMODZMMjNBQ0dVaEJJd0lTU0VF%0D%0AQWNJSmZSZUFnUUlFRm9JbmRDeHdRWGpobzI3MTk2bU1qT3Yvcjg3MHV4cUZ4Il0sWy0zLCJbXCJp%0D%0AbnRlcm5hbC1wZGYtdmlld2VyXCIsXCJtaGpmYm1kZ2NmamJicGFlb2pvZm9ob2VmZ2llaGphaVwi%0D%0ALFwiaW50ZXJuYWwtbmFjbC1wbHVnaW5cIl0iXSxbLTQsIi0iXSxbLTUsIi0iXSxbLTYsIntcIndc%0D%0AIjpbXCIwXCIsXCJjaHJvbWVcIixcImFsbG93ZWRcIixcImJsb2NrZWRMaXN0XCIsXCJpXCIsXCJm%0D%0Ab3JlbWVkaWFfZnJhbWVcIixcImZvcmVzaG9wTWVkaWFEeW5hbWljVGFnXCIsXCJlbGVtZW50XCIs%0D%0AXCJmXCIsXCJPQlJcIixcIk9CX3JlbGVhc2VWZXJcIixcIk9CUiRcIixcIk9CX1BST1hZXCIsXCJv%0D%0AdXRicmFpblwiLFwib3V0YnJhaW5fcmF0ZXJcIixcImZvcmVzaG9wTWVkaWFEeW5hbWljVGFnMVwi%0D%0ALFwiZm9yZXNob3BNZWRpYUR5bmFtaWNUYWcyXCIsXCJmb3Jlc2hvcE1lZGlhRHluYW1pY1RhZzNc%0D%0AIixcImZvcm1lZGlhQWRPYmplY3RcIixcImd0YWdcIixcImRhdGFMYXllclwiLFwiaW50ZXJzdGl0%0D%0AaWFsU2xvdFwiLFwic3RhdGljU2xvdFwiLFwiZ29vZ2xldGFnXCIsXCJ5bVwiLFwiYWRUYWdzXCIs%0D%0AXCJfX2N0Y2dfNjUzNDlfMF9leGVjXCJdLFwiblwiOltdLFwiZFwiOltdfSJdLFstNywiLSJdLFst%0D%0AOCwiLSJdLFstOSwiKyJdLFstMTAsIi0iXSxbLTExLCJ7XCJ0XCI6XCJcIixcIm1cIjpbXCJvZzp0%0D%0AaXRsZVwiXX0iXSxbLTEyLCJudWxsIl0sWy0xMywiLSJdLFstMTQsIntcIm9cIjowLjA4Njk1NjUy%0D%0AMTczOTEzMDQzfSJdLFstMTUsIi0iXSxbLTE2LCIwIl0sWy0xNywiNCJdLFstMTgsIlswLDAsMCwx%0D%0AXSJdLFstMTksIlswLDAsMCwwLDAsMCwxLDI0LDI0LFwiLVwiLDE2MDAsMTIwMCwxNjAwLDEyMDAs%0D%0AMTYwMCwxMjAwLDE2MDAsMTIwMCwwLDAsMCwwLFwiLVwiLFwiLVwiXSJdLFstMjAsIi0iXSxbLTIx%0D%0ALCJnTzBFU215WCJdLFstMjIsIltcIm5cIixcIm5cIl0iXSxbLTIzLCIrIl0sWy0yNCwiW10iXSxb%0D%0ALTI1LCItIl0sWy0yNiwie1widGpoc1wiOjEwMDAwMDAwLFwidWpoc1wiOjEwMDAwMDAwLFwiamhz%0D%0AbFwiOjM3NjAwMDAwMDB9Il0sWy0yNywiWzAsOSwwLFwiNGdcIixudWxsXSJdLFstMjgsImVuLVVT%0D%0AIl0sWy0yOSwie1widlwiOlsyLDIsMiwyLDAsMCwwLDIsMCwyLDAsMiwwLDAsMiwyLDIsMiwwXX0i%0D%0AXSxbLTMwLCJbXCJ2XCIsMF0iXSxbLTMxLCJmYWxzZSJdLFstMzIsIjIiXSxbLTMzLCItIl0sWy0z%0D%0ANCwiLSJdLFstMzUsIlsxNjUyMjE1NDQ4MDgzLDBdIl0sWy0zNiwiW1wiNC8zXCIsXCI0LzNcIl0i%0D%0AXSxbLTM3LCItMTQ0LTY2LTE4MC0iXSxbLTM4LCJsLC0xLC0xLDQyLDAsMSwwLDAsMTksNzY1LC0x%0D%0ANjUyMjE1NDQ3NjkyLDAsMTAwMC41LDEwMzEuNCwxMjE4LDEyMTkiXSxbLTM5LCJbXCIyMDAzMDEw%0D%0AN1wiLDAsXCJHZWNrb1wiLFwiTmV0c2NhcGVcIixcIk1vemlsbGFcIixudWxsLG51bGwsdHJ1ZSw4%0D%0ALGZhbHNlLG51bGwsMF0iXSxbLTQwLCIzMyJdLFstNDEsIi0iXSxbLTQyLCIxNzI0Mjk3NjUzIl0s%0D%0AWy00MywiMDAwMDAwMDEwMTAwMDAwMTAwMTExMDExMDAiXSxbLTQ0LCIwLDAsMCw1Il0sWy00NSwi%0D%0ALSJdLFstNDYsIjAiXSxbLTQ3LCJFdGMvVW5rbm93bixlbi1VUyxsYXRuLGdyZWdvcnkiXSxbLTQ4%0D%0ALCIwLDAiXSxbLTQ5LCItIl0sWyJibmNoIiw2MF1d&tsfu=&fst=1600x1200&dep=0&cpos=%5B%7B%22x%22%3A1055%2C%22y%22%3A911%2C%22w%22%3A324%2C%22h%22%3A0%7D%2C%7B%22w%22%3A1600%2C%22h%22%3A1200%7D%5D&ver=41&cri=iBWfHDvFfl&sdd=%7B%7D&pto=1239
Requested by: Host: ob.cheqzone.com
URL: https://ob.cheqzone.com/placement_invocation?id=65349&idx=0
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: ef6d8ff6a950a0640885449909435aa4c916bad8b234ddfe7ecb8b6831753f39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: gzip
cache-control: no-cache, no-store, must-revalidate
content-type: text/javascript
content-length: 1491
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 c3 Show response
platform.foremedia.net/getcode/8428/ 1 KB
855 B 128ms
128ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/c3
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/c3
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 73a9eaebd1e51360e20a453fd080f7dc7ce220eb009c50c3337b41cf1b0db975

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q0GBxp1QQNArDkGTEG69u4nnFb67nG2v49T3f1X9c%2BcRpaI7Y412qG0E9aHfSOQ0dgo%2FaEp0ettUB2pWoXbp%2B0KA8LstARajxIDQ%2FMaGCShAEUw8XVlDb58Ywt0g2M6BUR5Ujh7u%2Bzg%2FDl8ccdbmetKxO5Q%2B"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 709582d70ba25bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 footer_float Show response
platform.foremedia.net/getcode/8428/ 1 KB
879 B 148ms
148ms Script
application/javascript 2a06:98c1:3120::a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.foremedia.net/getcode/8428/footer_float
Requested by: Host: platform.foremedia.net
URL: https://platform.foremedia.net/code/8428/footer_float
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9d3a4411f186523148f4e4703a96f2259ee672b7b6133abe7953f243f571d7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p3pX1ChuEvjj3lLIJK21ADH%2BJYoTL%2BNu4gxq4yGkb3w19xJROsbz%2Fns%2FONIgmvWYTVOxtVktueB%2Firt2Kdl3gUb%2BD57Yq9oRfw2U5ELzZAW8xMhEU7xVrswh6o7c5W%2FCuwPl4fANKA8h993X%2F%2BrETsdiWaik"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: private
cf-ray: 709582d70bab5bf9-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 126ms
39ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1499
date: Tue, 10 May 2022 20:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 10 May 2022 22:19:09 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 189 KB
68 KB 138ms
57ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2X191KKTRE&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-182103897-1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3c24f134a6d815644ebf8a92b78322e5b927070050f13633f91509bf135b425f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69321
x-xss-protection: 0
expires: Tue, 10 May 2022 20:44:08 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
182 B 132ms
52ms Ping
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-2X191KKTRE&gtm=2oeae1&_p=1484372645&sr=1600x1200&ul=en-us&cid=2145794867.1652215448&_s=1&dl=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&dr=&dt=Page%20not%20found%20-%20PUA%20Unemployment%20Login&sid=1652215448&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/wp-content/plugins/flying-analytics/js/gtagv4.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pubads_impl_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ 368 KB
125 KB 97ms
32ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:34:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 566
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127685
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 20:34:42 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 139 B
134 B 107ms
41ms XHR
application/json 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

b591dbbdd781b3ee2d342a48864140edba332844de8aed0bfcb46e9339a50c47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 109
x-xss-protection: 0
expires: Tue, 10 May 2022 20:44:08 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9634.EAG9rdm4buxnaHLtN6SQwDWCM2Tt04wbvV1nnUxCf-2yZhbOfR9h8wbHo-els4Io.LqjLEIywWLiygVwlxRmpC48AKuk%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9634.rkdfjF_L8epC5V2W3FrlwdR2l-IPpnKJBD451qs2rp3Ekx6ahzafhri0p5AFAgYSb8glao7JlamG0y5wju50oT6AgTqUCy500Q74kyWlARY%2C.rNcxsO_SFIUktc6sVUCuBJ-DM1A%2C

43 B
332 B

54ms
53ms

Image
image/gif

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9634.rkdfjF_L8epC5V2W3FrlwdR2l-IPpnKJBD451qs2rp3Ekx6ahzafhri0p5AFAgYSb8glao7JlamG0y5wju50oT6AgTqUCy500Q74kyWlARY%2C.rNcxsO_SFIUktc6sVUCuBJ-DM1A%2C

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9634.rkdfjF_L8epC5V2W3FrlwdR2l-IPpnKJBD451qs2rp3Ekx6ahzafhri0p5AFAgYSb8glao7JlamG0y5wju50oT6AgTqUCy500Q74kyWlARY%2C.rNcxsO_SFIUktc6sVUCuBJ-DM1A%2C
date: Tue, 10 May 2022 20:44:08 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
100 B 51ms
50ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Fri, 06 May 2022 13:09:00 GMT
etag: "6274f3bc-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 10 May 2022 21:44:08 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 127ms
46ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1484372645&t=pageview&_s=1&dl=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&ul=en-us&de=UTF-8&dt=Page%20not%20found%20-%20PUA%20Unemployment%20Login&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAAC~&jid=1392781414&gjid=1104940265&cid=2145794867.1652215448&tid=UA-182103897-1&_gid=1653241634.1652215448&_r=1&gtm=2ou590&z=1859372414

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 137ms
50ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 134ms
48ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.pua-unemployment-login.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 190 KB
18 KB 673ms
673ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1480295671358783&correlator=2624725243016849&eid=31067277%2C31067486%2C44755509&output=ldjh&gdfp_req=1&vrg=2022050501&ptt=17&impl=fifs&iu_parts=21863165165%2C22264204666&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=728x90%2C728x90%7C300x250%7C336x280%2C320x50%7C300x250%7C300x600%7C336x280%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C320x50%7C300x250%7C336x280%7C250x250%7C200x200%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C728x90%7C468x60%7C336x280%7C300x250%7C250x250%7C234x60%7C200x200%7C180x150%2C728x90%2C336x280%7C300x250%7C320x480&fluid=0%2C0%2Cheight%2C0%2Cheight%2C0%2C0%2C0%2C0&ifi=1&adks=201602978%2C2183081903%2C3593666348%2C2311508265%2C574321577%2C2311508267%2C2311508266%2C201602981%2C2967810272&sfv=1-0-38&ecs=20220510&ists=1&fas=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C8&fsapi=false&prev_scp=refresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7Crefresh%3Dtrue%7C&sc=1&cookie_enabled=1&abxe=1&dt=1652215448405&lmt=1652215448&dlt=1652215447693&idt=682&biw=1600&bih=1200&adxs=-9%2C-9%2C1040%2C-9%2C1040%2C-9%2C-9%2C436%2C-9&adys=-9%2C-9%2C2369%2C-9%2C485%2C-9%2C-9%2C1110%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C360x0%7C0x-1%7C360x0%7C0x-1%7C0x-1%7C1600x6155%7C0x-1&msz=0x-1%7C0x-1%7C360x0%7C0x-1%7C360x0%7C0x-1%7C0x-1%7C1600x-1%7C0x-1&fws=2%2C2%2C0%2C2%2C0%2C2%2C2%2C512%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=2145794867.1652215448&ga_sid=1652215448&ga_hid=1484372645&ga_fc=true&btvi=-1%7C-1%7C1%7C-1%7C0%7C-1%7C-1%7C0%7C-1&topics=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

43642f524e38cfd0c41e4a4e6769189dd2bd203e59062f876bad7e8945f66727

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18387
x-xss-protection: 0
google-lineitem-id: -1,-1,-1,-1,-1,-1,-1,-1,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -1,-1,-1,-1,-1,-1,-1,-1,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 91B2 6 KB
4 KB 161ms
47ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:44:08 GMT
expires: Wed, 10 May 2023 20:44:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pubads_impl_page_level_ads_2022050501.js Show response
securepubads.g.doubleclick.net/gpt/ 36 KB
13 KB 32ms
32ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_page_level_ads_2022050501.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

babb18965e9ca0d1953890df5b83fd4d714854b55e5af46dbec4bf768ab534c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Thu, 05 May 2022 10:36:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 468468
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13436
x-xss-protection: 0
last-modified: Thu, 05 May 2022 08:34:36 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 05 May 2023 10:36:20 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/87761349/
Redirect Chain

https://mc.yandex.com/watch/87761349?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1031%3...
https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1031...

338 B
738 B

54ms
54ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1031%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A57450714872%3Ahid%3A553182969%3Az%3A0%3Ai%3A20220510204408%3Aet%3A1652215448%3Ac%3A1%3Arn%3A44137793%3Arqn%3A1%3Au%3A1652215448646130186%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215446865%3Ads%3A0%2C19%2C764%2C1%2C42%2C0%2C%2C469%2C0%2C%2C%2C%2C1307%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215448%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

6a9d8f9fe537fa5c85162022b0e0827fc319a4361388727bd8e1a6949833b542

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 10-May-2022 20:44:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:44:08 GMT

Redirect headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Tue, 10-May-2022 20:44:08 GMT
location: /watch/87761349/1?wmode=7&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Aa8mjecangl5v275zywhk%3Afp%3A1031%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A791%3Acn%3A1%3Adp%3A0%3Als%3A57450714872%3Ahid%3A553182969%3Az%3A0%3Ai%3A20220510204408%3Aet%3A1652215448%3Ac%3A1%3Arn%3A44137793%3Arqn%3A1%3Au%3A1652215448646130186%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1652215446865%3Ads%3A0%2C19%2C764%2C1%2C42%2C0%2C%2C469%2C0%2C%2C%2C%2C1307%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1652215448%3At%3APage%20not%20found%20-%20PUA%20Unemployment%20Login&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:44:08 GMT

GET
H2 200 imp.gif
obs.cheqzone.com/tracker/ 43 B
79 B 113ms
113ms Image
image/gif 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://obs.cheqzone.com/tracker/imp.gif?e=37dfbd8ee84e00136fecc534ef438e959225c24f567d51c5c30f41b0254384cfa532ff1a285aa40e98d022e0b44dc87ea4a36fde4c1b8c682309094d0ba0bfea9475489e91da563e351aff717718956a8b70cd0130003f8101424d3f065cc3bf775d36fa26e877cb55e2cc7ce2586fb01f6f3903d053f054abd1c5d52fe87547ed62d2f1157f84163312714793d75066f578afe6d6e54719bd488ebd39e821da61c45085052aae2d05f91e46042f9e5b32b49affa125be2ab8589801f95c0c2cf38e6b256a655c9b6599857ea95a61a7d4f232331e32d786302080903b477442750c1bef8828796d76e4ba152cebfea755c9a444771e2bb5a5a384800cc6b9a326f746c0016537dd9fcfe6ad6b89cc9133d56c5384e6c82c1908f77f6ba195157ae8dceb17de50ae04eb9b1dc148d5cc79d62427d4cc66ca6f82d4edfbdbb9ea1079fe28b0efae2a5366e9d76598e54bb1114355825d0e8d85d2888fbc9227c32c90c6f5ae53df5f5b1aa35e64c5c6c11c2080e872f156e7c719c476a979131e01cc66ee5bdf97aa7fb9836fc65ca9cfcbcb69ce010478e84b5841694a31d0a064bb57dac19c2ba29273b29e21df89e5b27c82bfaa53616bb5f25354d2f7471a04f3acba67b828d8bf0dacbf70a076a12d87118806ddc33ddb1927edb291643923630622175f16a9fd916ad203ab5848432de4a94cd99c0411fdbedfa6a16ac2ef89e094abbdfb593b49e95b94e44b64825f775e8671577570e438fa345f97a9b23ccf3e937cd5fc3ec7fc4fdc2e133363426e199c8d&cb=1652215448467&cri=iBWfHDvFfl
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
cache-control: no-cache, no-store, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK dwce_cheq_events Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 330ms
80ms XHR
application/json 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/dwce_cheq_events?timestamp=1652215448468&sessionId=881b116a-12a5-c8d8-dea1-65cf3fda0021&url=www.pua-unemployment-login.com&cheqSource=1&cheqEvent=0&exitReason=4
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:44:08 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 39906465ad6b86bd2e9649a33420cb7d
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
odb.outbrain.com/utils/ 10 KB
4 KB 153ms
130ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://odb.outbrain.com/utils/get?url=%27.get_permalink().%27&idx=0&rand=84998&key=NANOWDGT01&widgetJSId=GS_6&va=true&et=true&format=html&pdobuid=-1&adblck=false&abwl=false&clss=%2Br%2BiViGywYcTPEuLiltb0vIUehH2Ypr4rFwTOq3nCGVlFlCym%2BjlmZN409QsFo%2FY3O%2BA1psgqT7OpiRj&px=1055&py=911&vpd=0&cw=324&activeTab=true&darkMode=false&settings=true&recs=true&version=2000718&sig=gO0ESmyX&apv=false&osLang=en-US&winW=1600&winH=1200&scrW=1600&scrH=1200&dpr=1&secured=true&cmpStat=0&ccpaStat=0&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b19999722a8d527a95ec2b9bbb3975413ba3ae1b25eedb666873491876f0c0cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1652215448.495734,VS0,VE124
accept-ranges: bytes
x-served-by: cache-lga21934-LGA, cache-fra19168-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 3468cf7ab500a58e9883353341de83f8
content-encoding: gzip
content-length: 3347
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 achoice.svg
widgets.outbrain.com/images/widgetIcons/ 3 KB
3 KB 7ms
7ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "9d26fa4e7238ed94f1d0d92afb453b3e:1651391295.775433"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 2735
expires: Thu, 09 Jun 2022 20:44:08 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 347ms
88ms Fetch
text/plain 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=59297982fc0f46a883f3676587387da5_122703_1652215448583&tm=712&eT=0&widgetWidth=324&widgetHeight=33&widgetX=1055&widgetY=899&wRV=2000718&pVis=0&lsd=-1&eIdx=&cnsnt=no_consent&cheq=1&rtt=164&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: gzip
X-TraceId: 76a5c471f7e906980934c007e43e7c3f
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 streamFeed.js Show response
widgets.outbrain.com/nanoWidget/2000718/module/ 37 KB
14 KB 9ms
9ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: f8aadd68eb9c6abebf719b41cefb6466283be19d3154c9e51f38f0bac1bb7b82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
content-encoding: gzip
last-modified: Tue, 10 May 2022 08:06:56 GMT
server: AkamaiNetStorage
etag: "33b936cbf673d430f7f9f967c3a4310d:1652176804.781598"
vary: Accept-Encoding
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 13600
expires: Wed, 11 May 2022 00:44:08 GMT

GET
H2 200 ob_logo.svg
widgets.outbrain.com/images/widgetIcons/ 12 KB
12 KB 7ms
7ms Image
image/svg+xml 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widgets.outbrain.com/images/widgetIcons/ob_logo.svg
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: 02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Sun, 01 May 2022 07:29:08 GMT
server: AkamaiNetStorage
etag: "65df986ae65cffdf92a926e7c42a25a8:1651391311.776385"
access-control-allow-methods: GET,POST
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 12268
expires: Thu, 09 Jun 2022 20:44:08 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 229ms
81ms Fetch
application/json 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=59297982fc0f46a883f3676587387da5&pvId=59297982fc0f46a883f3676587387da5&sid=8537982&pid=122703&idx=0&wId=834&pad=0&org=0&tm=725&eT=3&cnsnt=no_consent&wRV=2000718&pVis=0&lsd=-1&eIdx=0&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:44:08 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 0e7c9a723f27ddb6fb526d2740f0e2c0
Content-Length: 4
Expires: 0

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 17 KB
6 KB 447ms
446ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%27.get_permalink().%27&settings=true&recs=true&widgetJSId=GS_6&key=NANOWDGT01&version=2000718&apv=false&sig=gO0ESmyX&format=html&rand=31799&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NTkyOTc5ODJmYzBmNDZhODgzZjM2NzY1ODczODdkYTU=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=0&lastCardIdx=0&fAB=11520-0&layeredTestInfo=11520-0-&clss=%2Br%2BiViGywYcTPEuLiltb0vIUehH2Ypr4rFwTOq3nCGVlFlCym%2BjlmZN409QsFo%2FY3O%2BA1psgqT7OpiRj&dpr=1&cw=324&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 93319a3b1c194335463cccd1cf684f218fb7ef725dd40274dd033f5c389b6498

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1652215449.662678,VS0,VE440
accept-ranges: bytes
x-served-by: cache-lga21924-LGA, cache-fra19168-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 5e9c375570454ee060facdd16587b18f
content-encoding: gzip
content-length: 6174
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 5681.js Show response
go.trvdp.com/init/ 6 KB
6 KB 29ms
8ms Script
binary/octet-stream 2600:9000:214f:600:3:7e1c:5b40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://go.trvdp.com/init/5681.js
Requested by: Host: cnt.trvdp.com
URL: https://cnt.trvdp.com/js/1319/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:600:3:7e1c:5b40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 930eb3f887b0f657812c12b21e1648e6955384adedca8aacab2855ed1d0b1acb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Sun, 01 May 2022 12:50:39 GMT
via: 1.1 1f5757b46371746e677236d4fc67d364.cloudfront.net (CloudFront)
last-modified: Sun, 01 May 2022 12:05:49 GMT
server: AmazonS3
age: 806010
etag: "641671317bf70963ec45e1c50edb6c0f"
x-cache: Hit from cloudfront
content-type: binary/octet-stream
x-amz-cf-pop: FRA53-C1
accept-ranges: bytes
content-length: 5845
x-amz-cf-id: 92KYngUwbnggB7b2MUAMBHoMFdIMZB3IwjdOCvQhYd6QxDxIxig0Qw==

GET
H2 200 p.php Show response
stg.truvidplayer.com/ 7 KB
4 KB 323ms
290ms XHR
application/json 108.157.4.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://stg.truvidplayer.com/p.php?sid=1319&wid=5681&cb=6041.599935966031&pid=4272&url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-117.dus51.r.cloudfront.net
Software: nginx /
Resource Hash: a3ea8a24f5910b9e5dc4d052708623c8a3608afeeffb17b11b8960071de25892

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
server: nginx
x-amz-cf-pop: DUS51-P2
x-cache: Miss from cloudfront
content-type: application/json
access-control-allow-origin: https://www.pua-unemployment-login.com
access-control-allow-credentials: true
x-amz-cf-id: zFeKb060I1nQSIN3ScraxgSEbKXhw_sanXsDmS5Qs466jEiwTDP-xw==
via: 1.1 c1c42e732809880dbf4b6deb496490ae.cloudfront.net (CloudFront)

GET
H3 200 container.html Show response
a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 2CE8 6 KB
3 KB 122ms
40ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:44:08 GMT
expires: Wed, 10 May 2023 20:44:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5544 6 KB
3 KB 119ms
43ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:44:08 GMT
expires: Wed, 10 May 2023 20:44:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0625 6 KB
3 KB 117ms
45ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:44:08 GMT
expires: Wed, 10 May 2023 20:44:08 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 singleAnimationOnFeed.js Show response
widgets.outbrain.com/nanoWidget/2000718/module/ 503 B
812 B 16ms
16ms Script
application/x-javascript 23.35.237.86
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/nanoWidget/2000718/module/singleAnimationOnFeed.js?e=1
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.86 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-86.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: e442afceada3ad856d11b90bcc9ccfa5ee84182e6fa2125e5656ab00221f3f20

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Tue, 10 May 2022 08:06:56 GMT
server: AkamaiNetStorage
etag: "d26ce1388f9514ff5e64d329df699a87:1652176799.408778"
access-control-allow-methods: GET,POST
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=14400
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 503
expires: Wed, 11 May 2022 00:44:09 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 93ms
93ms Fetch
text/plain 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=67bb5037e74ade7d82854ff95d659e65_122703_1652215449014&tm=1255&eT=0&widgetWidth=324&widgetHeight=342&widgetX=1055&widgetY=944&wRV=2000718&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=518&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
X-TraceId: 83c86b3ca312e124d5ee1be24b6856a6
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6IjA2ZTI5NDY2ODg3ZDhlODIzNzE5Y2Q2MDk1N2E0NDZhNTg5Y2YyOWZmYjNhMjZhM2UyMDZkOWMzYmE3YmRhNjciLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 24 KB
24 KB 173ms
22ms Image
image/webp 2.22.34.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6IjA2ZTI5NDY2ODg3ZDhlODIzNzE5Y2Q2MDk1N2E0NDZhNTg5Y2YyOWZmYjNhMjZhM2UyMDZkOWMzYmE3YmRhNjciLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.34.3 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-34-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: d93fae2bc8fe3a3b732c83a2202d51e4f793e1405a0350e193d3888243b40548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
cache-control: max-age=850464
last-modified: Wed, 30 Mar 2022 08:13:31 GMT
x-traceid: b2811a1a6bc5fc72939a85fcdc5bf63c
timing-allow-origin: *
content-length: 24572
content-type: image/webp

GET
H2 200 get Show response
mv.outbrain.com/Multivac/api/ 17 KB
6 KB 239ms
239ms Script
text/javascript 151.101.14.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mv.outbrain.com/Multivac/api/get?url=%27.get_permalink().%27&settings=true&recs=true&widgetJSId=GS_6&key=NANOWDGT01&version=2000718&apv=false&sig=gO0ESmyX&format=html&rand=47711&pdobuid=-1&osLang=en-US&va=true&et=true&cmpStat=0&ccpaStat=0&scrW=1600&scrH=1200&t=NTkyOTc5ODJmYzBmNDZhODgzZjM2NzY1ODczODdkYTU=&winW=1600&winH=1200&adblck=false&abwl=false&secured=true&feedIdx=0&lastIdx=1&lastCardIdx=1&fAB=11520-0&layeredTestInfo=11520-0-&clss=%2Br%2BiViGywYcTPEuLiltb0vIUehH2Ypr4rFwTOq3nCGVlFlCym%2BjlmZN409QsFo%2FY3O%2BA1psgqT7OpiRj&dpr=1&cw=324&darkMode=false&activeTab=true&ogn=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/nanoWidget/2000718/module/streamFeed.js?e=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.132 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fa878dbd6cc4e236980f3eac96da522eeeecd49c322b4f143432d1cf3d13170c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
via: 1.1 varnish, 1.1 varnish
traffic-path: NYDC1, LGA, FRA, Europe1
x-timer: S1652215449.196087,VS0,VE233
accept-ranges: bytes
x-served-by: cache-lga21972-LGA, cache-fra19168-FRA
vary: Accept-Encoding, User-Agent
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
x-cache-hits: 0, 0
x-traceid: 31e6388319dbf0997d93a3c37c10d24b
content-encoding: gzip
content-length: 6148
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK widgetGlobalEvent Show response
log.outbrainimg.com/loggerServices/ 4 B
325 B 83ms
82ms Fetch
application/json 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/loggerServices/widgetGlobalEvent?rId=67bb5037e74ade7d82854ff95d659e65&pvId=59297982fc0f46a883f3676587387da5&sid=8537982&pid=122703&idx=1&wId=1515&pad=1&org=0&tm=1269&eT=3&cnsnt=no_consent&wRV=2000718&pVis=1&lsd=-1&eIdx=1&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:44:09 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 050519fb32720c608a4ddd1eee859109
Content-Length: 4
Expires: 0

GET
H2 200 ins.js Show response
s.trvdp.com/scripts/v5.742/ 658 KB
179 KB 32ms
8ms Script
application/javascript 2600:9000:2251:0:d:3c0f:bcc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.trvdp.com/scripts/v5.742/ins.js
Requested by: Host: go.trvdp.com
URL: https://go.trvdp.com/init/5681.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2251:0:d:3c0f:bcc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Wed, 13 Apr 2022 14:40:17 GMT
content-encoding: br
last-modified: Tue, 12 Apr 2022 06:41:24 GMT
server: AmazonS3
age: 2354633
etag: W/"d40fd85fcbb9dac1ff245ac8cec6aeb4"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 c80ae6bd97b709ed6e4747f0d5ea4efc.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P3
x-amz-cf-id: t2poA3VWEv5hv0Mg3WxJcbnBkXHoMUW0GngDvPp-AJzW5vEan5L9_Q==

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 2CE8 0
0 73ms
73ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CmbRUmM56YpSoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEhgJP0IsMxZyv-ttnOMYb9lM48_u906k38tJ3wSmRJUqjCLgt0p2M8aRbYW1cXHEADaTYHSxDBPbptelJ3fJpVPatJtsSUQr3PyfrMa1-dA1RqLLX_6HJh6VoskhV5QTftZh_YWDkdY2-0t8AFALU4LO-X7oUYq4W3a_kCMJzk0S_Rcai9krmlsY01JrHVLG7_aGlek1O8wzQ-S_JTpcnD8YfpQXY28oyJvrVvMq0RpOLPQPuAOIL4esO_iab-URk-6vfnT0SDqAA-ydTddZwEcyb4qnubzoXtLjZsCYlcrXqc1nKCJqTFlFhKyeu6ea7_-mzbnR4YW8_0IdHl9kMJM0sZvzcmAx54AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAYAKA_oLAggBgAwB0BUBgBcBshccChoSFHB1Yi03MDExOTU4ODM0NDEwODkxGNPacw&sigh=4csKOwdiATA&uach_m=[UACH]&cid=CAQSPgCNIrLMjm0uLjuqLQpVxnoU5KHsLyfGJFZbumD42MhTc36vn27WUkGePrDx8H5d_UASnZlDH__ZfSf8pnYaGAE
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 2CE8 0
0 51ms
20ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8ELikCdACmAKdg2ICAgAAALri8-6L2MhMEJjOemIKqmdZ0tdEK43PuQASAAA&wp=YnrOmAAHVBQH_YtWAAE22J3ljAzsktqg5Xy57A

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 156062
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame DDC1 162 KB
50 KB 254ms
130ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBQH_YtWAAE22J3ljAzsktqg5Xy57A&u=%7C2zDItZZ2ZeZ24m4QmPG3qyssz5D0aRUjG3iHGN8VOlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh21D9JdyWuQMCX56wCQsogXi3NiOwllbOTSMbnt9tUz_qpWe2W-jI2OTDdApiPbLKaBqEyJz0z7WKVKSjVgNDNczS0nBpOQnjrtgjRqprGERYvq6Q1lg2BE9OrrW2sneFbjs1dRO36GoHsepNk-j6BLKE2sO__q2fIgx3yfypSO87mn3VfqIFv0RWwyaPRDUaM_0Q2UPTRvK-mF3qEatSogDJpgw5exJ0uxnBdVsY1W_VoSjuohFzRpU-iYKukqHL9zTxYeion-qsnItmuP6Kdw9oeFk0Xriag7S5WimIyod_2C4NuLemd9Rx8WZRwF7V7WjpBvZ357-XgRaNhA7G0AtQ0hrwuqha9w5iGiEcm63Hl0PNvkMeJo140sQMJ-BjiZLvZEj8ZfHx5C9l1i9Ss&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFcDpmM56YpSoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiQJP0IsMxZyv-ttnOMYb9lM48_u906k38tJ3wSmRJUqjCLgt0p2M8aRbYW1cXHEADaTYHSxDBPbptelJ3fJpVPatJtsSUQr3PyfrMa1-dA1RqLLX_6HJh6VoskhV5QTftZh_YWDkdY2-0t8AFALU4LO-X7oUYq4W3a_kCMJzk0S_Rcai9krmlsY01JrHVLG7_aGlek1O8wzQ-S_JTpcnD8YfpQXY28oyJvrVvMq0RpOLPQPuAOIL4esO_iab-URk-6vfnT0SDqAA-ydTddZwEcyb4qnubzoXtLjZsCYlcrXqcxvIKQgUmc1ylLu6SjaGWRG6en7Oa0EnUjOPqn_-m9MAfnl2HB_GKjLZ4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jfbTfcYay-eQAHTQz8emCTJ_0Ag%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f58ed6b86bc6f0e4c4c6aa24ba4be4e52b0ed20d49db0ff640e7f0729aa2be80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:44:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=oEdECHDPO5gxJOppCDpIPLn3sT0EkuI9C4AjngB7DT2tb1UVf63UlD796NDPWPhplQ_MIkH1papUJNsOuGs4c6yLS0eDsFr8DBfW5xzylheLmTg62DSMb4y4yYnvg47eW0WIXoqOxS-DUviHRXSCABsZxkf5Xp5eI-c7KU86kggqX69FEyUdeYRyVQ207vgALjG9vOY5nVxNBkBTY1WKAp5_T0-SHU6e5IrrBwN6gifhbf-UNGFA2ycEdFEOK6bN4QPOqw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 115357565
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 2CE8 3 KB
1 KB 178ms
91ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:43:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 2CE8 120 KB
37 KB 136ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:44:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 2CE8 15 KB
7 KB 127ms
40ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:41:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:41:49 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 2CE8 22 KB
7 KB 130ms
44ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H/1.1 200
OK cors Show response
data.ad-score.com/score/ 52 B
739 B 459ms
114ms XHR
text/plain 130.211.115.4
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://data.ad-score.com/score/cors?s=1&pid=1000032&tid=truvidTraffic&pub_domain=www.pua-unemployment-login.com&l1=5681&l2=pua-unemployment-login.com&l3=DE&l4=desktop&l5=5.742&cb=0.5096648617485058
Requested by: Host: s.trvdp.com
URL: https://s.trvdp.com/scripts/v5.742/ins.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 130.211.115.4 Council Bluffs, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 4.115.211.130.bc.googleusercontent.com
Software: /
Resource Hash: a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:44:09 GMT
Age: 0
Access-Control-Allow-Methods: GET,POST
P3p: CP="CURa ADMa DEVa TAIi PSAi PSDi IVAi IVDi CONi HISa TELi OUR IND DSP CAO COR"
Access-Control-Allow-Origin: https://www.pua-unemployment-login.com
Cache-Control: post-check=0, pre-check=0, false, proxy-revalidate, no-cache, no-cache=Set-Cookie, no-store, must-revalidate, max-age=0, s-maxage=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/plain; charset=utf-8
Content-Length: 52

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 5544 0
0 72ms
72ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CFyP0mM56YpeoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEhQJP0MLsBD59Jn1ZfILA_esXLkilV0MgAdh7kvt0Jlhi8scq1adX_julGm0dClqLXE3X50KYnP-u1ogBgyZL6Yv65aJYkdyl5zy59c-iNzL98jwzpRwv-OfEZzTMDlcfSM3UOXOiTA-5V0iAsic3SV2WePzmSB2D5ysAjzz_IYcY-8bA3i8DWtpZ_tNHDWnmAE0e_WUG9wKSCtwMBn1D8AtiIODSncBaO6yF-9FBeyBKRYHri5W3uNtzboU3PYOGfIeP_BIasNYj0x5nn05yNOAO84YcUeP1lwjsJ1GqqScnSGrftTN0C0m0g0-ut2B4Uq_Qf2xD4I9jMsz5MLYjK_NWNF1HIl_gBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTcwMTE5NTg4MzQ0MTA4OTEY09pz&sigh=oDoAjQgJb-g&uach_m=[UACH]&cid=CAQSPgCNIrLMjm0uLjuqLQpVxnoU5KHsLyfGJFZbumD42MhTc36vn27WUkGePrDx8H5d_UASnZlDH__ZfSf8pnYaGAE
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5544 0
0 25ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMg12AVanYNiAgIAAAC64vPui9jITBCYznpi-Vw2Aom1rMWjwWcAEgAA&wp=YnrOmAAHVBcH_YtWAAE22Iqr_aCtBpQlYNsfPg

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
server: Kestrel
server-processing-duration-in-ticks: 304193
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0673 148 KB
50 KB 281ms
178ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBcH_YtWAAE22Iqr_aCtBpQlYNsfPg&u=%7C2zDItZZ2ZeaqyfWoYxNdNfbqhoZOlO%2F1H8NfV7dRvhY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-BiSE6tqOp4TSHWJrbBq4Zx5EiaZHzu7j7YT2K9a8KlrcWhhIOFgyxfOcEjItwH773XWpBEXHstbggDGIoYt0FNRpRUVSX6Nu4D2v8l7UTWvmQVujuM_fWsEPnMz2tfNlN3Br1KmqsgdFf-e4a_85NWpmUVNGTTgRQUfZHfFjwBB_s4m8s8qWz5ZRoECNV0EX10esXFij8_ANFiMWb5o3MnFtyJlTDsRZ55FNIwWu_bUP_mqJP8C5JfXUwG9pbzVt1kF2CMZ_AoxzcvM3hzs8sgHB8C7Bk70W8-7-Nm9jxyGT59JCpnAgrOTJLeQeB_k2vG7Rjo-UjNwbxmMpMNn_QT4pHdWisqsVXBrp48VXwbRaWbJYuQTiesivOoAe-gXNAP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRljYmM56YpeoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiAJP0MLsBD59Jn1ZfILA_esXLkilV0MgAdh7kvt0Jlhi8scq1adX_julGm0dClqLXE3X50KYnP-u1ogBgyZL6Yv65aJYkdyl5zy59c-iNzL98jwzpRwv-OfEZzTMDlcfSM3UOXOiTA-5V0iAsic3SV2WePzmSB2D5ysAjzz_IYcY-8bA3i8DWtpZ_tNHDWnmAE0e_WUG9wKSCtwMBn1D8AtiIODSncBaO6yF-9FBeyBKRYHri5W3uNtzboU3PYOGfIeP_BIasNYj0x5nn05yNOAO84YcUeP1lwjsJ1GqqScnCmj-J7T7l1oLH1sNZ13eqqbEddpJzpfhhgTElkScNd9OsffDMeAp67PgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2haLB0RHIia1Ytr6QtKvTtShdlMA%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e2ced5cf4db64fc1682b897a729d686a971bb8b576b674d3e167175e7371e3f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:44:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=WkOgUnDPO5gxJOppc5cqGwBHnK4EAkl5xVIlYgWrPwGX1vxdKKg5Z4EKvtve6hprt23Wad2sjNyqkmKJe-EtB9_0KIhvzUWct0iQNfVavw_4l9JJiFuSyrh6wUXeSZuXL05tczUqwAC7V1uSmAKD497gbgvIf8a6a9myhDTE3uFHySIfpqbqagzAdyTLy29yx366wI1GNVSEQuqWD5ZvMPQxDyzZKOxI8mrZQKQvWG1V30m-L6MSpvJHUSA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 159278390
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 5544 3 KB
1 KB 156ms
89ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:43:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5544 120 KB
37 KB 190ms
123ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:44:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 5544 15 KB
6 KB 116ms
50ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:41:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:41:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5544 0
0 136ms
51ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTllWaAn-CYsjAoVyYAXT4s30NA98AB5ueqdLCQj_9HSx2FewpLPPJPf_hupBl-Q6lenyvavqaT3cK22t5HG-hZUxPXfA
Requested by: Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5544 22 KB
7 KB 141ms
75ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 0625 0
0 71ms
70ms Fetch
text/html 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdXlJmM56YpKoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiwJP0OB1Hn9eFFed6nT_jJwgooD_6iT1WtgB0OK78_rxnQpQ4Ok8vjWy41flDpsFlLDOpO8MyYB_AM_O3Bso6komhrVS0bKnW_UNHkR5frhS4XOELxIBif4qHu3uGBHI-wZGe_O-5soKLY4N0vHKkKKfzri5o2d-EFWbcbX29wrg7khixTN0tc4p1wOc7Axnwc5IP0hlRC9c4sOrImlqOJj8YDAnh1ksf78V8HNb_1EIiuVJ0gSvbJFR61kjDTQgJN1Lbrmgm4HhrbZg-3_IrP4dSl2C7lbSTuceS0O2nh7KKU8VhpFqW8QXE9qc-_1WhO2Q_aB_KSDindaZqb_YSyGW2HdqiPfYYVUEOQvgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBABgAoD-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTcwMTE5NTg4MzQ0MTA4OTEY09pz&sigh=LPQZdJWH_fA&uach_m=[UACH]&cid=CAQSPgCNIrLMjm0uLjuqLQpVxnoU5KHsLyfGJFZbumD42MhTc36vn27WUkGePrDx8H5d_UASnZlDH__ZfSf8pnYaGAE
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s02-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 0625 0
0 16ms
15ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EI-lBKwC2ASdg2ICAgAAALri8-6L2MhMEJfOemKJEz0Vz_i6rMB7NwASAAA&wp=YnrOmAAHVBIH_YtWAAE22OLakwdm83MgAgEDgQ

Requested by

Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
server: Kestrel
server-processing-duration-in-ticks: 270958
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 6BDF 204 KB
58 KB 255ms
163ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBIH_YtWAAE22OLakwdm83MgAgEDgQ&u=%7C%2B2ikcAIGH9W5xRZSmRGx%2BLGlta0Chs0ozJudaMWVXT4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA5hKUJQuFTAJdYxleDy0efHbqivfva4psifpQ3Jeczx6benwn03C8roVBBC2aOALaQEpHm5cC_E6kMvmXP9H-FJbq4p6GfB4VBFd8RCjiLxNFOlPn7hzry1Px0X0yoFkUnZPdhXhxBLOhMbHBo1R0oX4SMh3unis5ev-ziz4p9I-UuvdwHevbcAPAGtOJMCGb1STjeNyekFotYBIKKPkPZL5t6iikCd1CmfYCdSg_H73M-5dPLD9XLeZLB70ATnJUrfY_TUWawq-Od-6Gy6cnnkcIKa8WOuWnomgPi0lZYyVVnYzWlKOC9jrj7QeFvo5GxFCchyMGmE2iIKS4Wu8NdZ5nV12XdgWWyshoUQ9DmSJUr19yqr1PLoiUbHp0PgXc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDPSAmM56YpKoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEjgJP0OB1Hn9eFFed6nT_jJwgooD_6iT1WtgB0OK78_rxnQpQ4Ok8vjWy41flDpsFlLDOpO8MyYB_AM_O3Bso6komhrVS0bKnW_UNHkR5frhS4XOELxIBif4qHu3uGBHI-wZGe_O-5soKLY4N0vHKkKKfzri5o2d-EFWbcbX29wrg7khixTN0tc4p1wOc7Axnwc5IP0hlRC9c4sOrImlqOJj8YDAnh1ksf78V8HNb_1EIiuVJ0gSvbJFR61kjDTQgJN1Lbrmgm4HhrbZg-3_IrP4dSl2C7lbSTuceS0O2nh7KKU8VhpFqGcY2gV0TZ-7pGPkzLZ3Z0Sn2l2CTh6da_-mrfoXVltvA5P-AKrQA1qXgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1A8AqOjr4c1qE267pfUFDF27s0yw%26client%3Dca-pub-7011958834410891%26adurl%3D

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ab94a62fa44fdf084042025dd4a31e7efc881b755657d7ffc6e53e3b087a6b24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:44:09 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=kqQuKHDPO5gxJOpprjD5wVXrJZ2zD2x20YZamuEAmOjksxHhAgHxDw5rmVqti4i6n4UClFnWIjVlxhC5hwsbijV9ySubi1kZlJCJEqyN2lG9BRs_l_c6rC2FMySqntz3V3YK8dfHDh_uM0lOSOI2iHvlgrneqQGf7P7CO8uUeRCaOaMCtwTy7sdIjXCHJeq_fYqOAWZAu9XOAQLBdgk0xy4zCm6vF1XaTWiwIuzF9IjCsBrd-0XMX4_lDyafeWOH6NPMZA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 148022073
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 0625 3 KB
1 KB 148ms
93ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/window_focus_fy2019.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:43:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:43:27 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0625 120 KB
37 KB 150ms
95ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37409
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1652096384767712"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:44:09 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/ Frame 0625 15 KB
6 KB 134ms
80ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220509/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:41:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 140
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6415
x-xss-protection: 0
server: cafe
etag: 567849196274905959
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 24 May 2022 20:41:49 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 0625 0
0 123ms
50ms Image
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTsP8O03VlyfqkZTHnqLXfGjNTNkGOXS8udGR04X1m5R5FfC1w5Fi-pMzGLw_DgYyjatlW38ImDnMqByvuAsAGitueFNQ
Requested by: Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0625 22 KB
7 KB 137ms
84ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
URL: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 08:32:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 43929
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 10 May 2023 08:32:00 GMT

GET
H/1.1 200
OK l Show response
mcdp-nydc1.outbrain.com/ 2 B
292 B 95ms
94ms Fetch
text/plain 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://mcdp-nydc1.outbrain.com/l?token=99cbc0393dcc8d16ccc1e0ab3fb57924_122703_1652215449376&tm=1511&eT=0&widgetWidth=324&widgetHeight=342&widgetX=1055&widgetY=1309&wRV=2000718&pVis=1&lsd=-1&eIdx=&cnsnt=no_consent&rtt=242&oo=true&ab=0&wl=0
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

access-control-allow-origin: *
Date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
X-TraceId: d5b6777193a5d45246cb45343640cad6
Content-Type: text/plain; charset=UTF-8
Content-Length: 28
access-control-expose-headers: content-range

GET
H2 200 eyJpdSI6ImZmZjk4NWI3ZjZlZjc2ODE4N2ExN2I4YTIzNTczY2U1NzhhMjMyOTJjZjA5NzA0NGEwYzQ5YjM0NDViYTUyMGQiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
images.outbrainimg.com/transform/v3/ 29 KB
29 KB 16ms
16ms Image
image/webp 2.22.34.3
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://images.outbrainimg.com/transform/v3/eyJpdSI6ImZmZjk4NWI3ZjZlZjc2ODE4N2ExN2I4YTIzNTczY2U1NzhhMjMyOTJjZjA5NzA0NGEwYzQ5YjM0NDViYTUyMGQiLCJ3Ijo0MDAsImgiOjMwMCwiZCI6MS41LCJjcyI6MCwiZiI6NH0.webp
Requested by: Host: www.pua-unemployment-login.com
URL: https://www.pua-unemployment-login.com/new_york
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.22.34.3 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-22-34-3.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 43d228bf71872649260ecd7b8dbfb329292dd719348c40e8a4c3ffb5bb141bde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
cache-control: max-age=316082
last-modified: Fri, 18 Mar 2022 13:29:11 GMT
x-traceid: 6d3a181517ddbf4011a95019728f237d
timing-allow-origin: *
content-length: 29378
content-type: image/webp

GET
DATA 200
OK truncated
/ Frame 2CE8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4e268900181e28d01ff0cd9fdb1248126156d0701c2ee999081fae0f02bfb7b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0625 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 230b8e43af25a1f4099b13b2467457f7c84ca9a37297cff2b0adc58fb6e11d09

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5544 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c8dceb6734f4372797f53f1f49203d761cef7750009f12a2e92d2a16c90bbff7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame DDC1 2 KB
1 KB 46ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBQH_YtWAAE22J3ljAzsktqg5Xy57A&u=%7C2zDItZZ2ZeZ24m4QmPG3qyssz5D0aRUjG3iHGN8VOlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh21D9JdyWuQMCX56wCQsogXi3NiOwllbOTSMbnt9tUz_qpWe2W-jI2OTDdApiPbLKaBqEyJz0z7WKVKSjVgNDNczS0nBpOQnjrtgjRqprGERYvq6Q1lg2BE9OrrW2sneFbjs1dRO36GoHsepNk-j6BLKE2sO__q2fIgx3yfypSO87mn3VfqIFv0RWwyaPRDUaM_0Q2UPTRvK-mF3qEatSogDJpgw5exJ0uxnBdVsY1W_VoSjuohFzRpU-iYKukqHL9zTxYeion-qsnItmuP6Kdw9oeFk0Xriag7S5WimIyod_2C4NuLemd9Rx8WZRwF7V7WjpBvZ357-XgRaNhA7G0AtQ0hrwuqha9w5iGiEcm63Hl0PNvkMeJo140sQMJ-BjiZLvZEj8ZfHx5C9l1i9Ss&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFcDpmM56YpSoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiQJP0IsMxZyv-ttnOMYb9lM48_u906k38tJ3wSmRJUqjCLgt0p2M8aRbYW1cXHEADaTYHSxDBPbptelJ3fJpVPatJtsSUQr3PyfrMa1-dA1RqLLX_6HJh6VoskhV5QTftZh_YWDkdY2-0t8AFALU4LO-X7oUYq4W3a_kCMJzk0S_Rcai9krmlsY01JrHVLG7_aGlek1O8wzQ-S_JTpcnD8YfpQXY28oyJvrVvMq0RpOLPQPuAOIL4esO_iab-URk-6vfnT0SDqAA-ydTddZwEcyb4qnubzoXtLjZsCYlcrXqcxvIKQgUmc1ylLu6SjaGWRG6en7Oa0EnUjOPqn_-m9MAfnl2HB_GKjLZ4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jfbTfcYay-eQAHTQz8emCTJ_0Ag%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame DDC1 2 KB
1 KB 50ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame DDC1 308 B
636 B 50ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame DDC1 507 B
835 B 48ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame DDC1 0
690 B 188ms
129ms Image
text/plain 2600:9000:224a:0:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215448
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBQH_YtWAAE22J3ljAzsktqg5Xy57A&u=%7C2zDItZZ2ZeZ24m4QmPG3qyssz5D0aRUjG3iHGN8VOlQ%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jvULOd3YfT8Kie5-AMuoqyTirKgE-lWZeh21D9JdyWuQMCX56wCQsogXi3NiOwllbOTSMbnt9tUz_qpWe2W-jI2OTDdApiPbLKaBqEyJz0z7WKVKSjVgNDNczS0nBpOQnjrtgjRqprGERYvq6Q1lg2BE9OrrW2sneFbjs1dRO36GoHsepNk-j6BLKE2sO__q2fIgx3yfypSO87mn3VfqIFv0RWwyaPRDUaM_0Q2UPTRvK-mF3qEatSogDJpgw5exJ0uxnBdVsY1W_VoSjuohFzRpU-iYKukqHL9zTxYeion-qsnItmuP6Kdw9oeFk0Xriag7S5WimIyod_2C4NuLemd9Rx8WZRwF7V7WjpBvZ357-XgRaNhA7G0AtQ0hrwuqha9w5iGiEcm63Hl0PNvkMeJo140sQMJ-BjiZLvZEj8ZfHx5C9l1i9Ss&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFcDpmM56YpSoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiQJP0IsMxZyv-ttnOMYb9lM48_u906k38tJ3wSmRJUqjCLgt0p2M8aRbYW1cXHEADaTYHSxDBPbptelJ3fJpVPatJtsSUQr3PyfrMa1-dA1RqLLX_6HJh6VoskhV5QTftZh_YWDkdY2-0t8AFALU4LO-X7oUYq4W3a_kCMJzk0S_Rcai9krmlsY01JrHVLG7_aGlek1O8wzQ-S_JTpcnD8YfpQXY28oyJvrVvMq0RpOLPQPuAOIL4esO_iab-URk-6vfnT0SDqAA-ydTddZwEcyb4qnubzoXtLjZsCYlcrXqcxvIKQgUmc1ylLu6SjaGWRG6en7Oa0EnUjOPqn_-m9MAfnl2HB_GKjLZ4AQBgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggHCIjhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3jfbTfcYay-eQAHTQz8emCTJ_0Ag%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:0:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:09 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: GbfLvQjCDP7XCJAnsq92a3Fp3FToZWjfY5DnvnjaA2DEhrX-w9hJmQ==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame DDC1 43 B
348 B 67ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=roVMTDACq-ghFkGvPg4D7jpfanpQsUXG8jn7eNdgaJa1IiEteKmu4Ge_Qhvs_b8gieuu_3tZzSWP4hngyO66KjUhx9Vb4GdrjXUUSWeh9fnOKdQaO61eq5zeShko-0ZZ1qnHISso9NsW1ePrt2AwRdFgEgk-x9QYw45Q92JrSs7vAtl9OQi192OoHBOcOGEGypbVN8iyGDWVGeiGgEJ-w1d1OD7ZK_EobxDtLLLUJOn23_-GlRKeblnt7tpE-OMmxuVJLNDrsRhDAVfH_vTrWdG1s2gdQ7O5jnH73auJzZKamraTpbEzKKadO1ANBgp7Zd2CiFCleoyb-3z7ItgpKyXDm4XYLwuO-4HAAo_0qPIBmE4gchU2m3KhfM2E_07Wuc9unWyNxtaxyo_SKHVQjPG7dOR-NF7hyfyQct44X1mVuK_R9sSJzJPNzKX-bfdi0csmRA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:08 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3706237
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame DDC1 12 KB
6 KB 25ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame DDC1 18 KB
18 KB 59ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=92&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=668&s=zZ9XXdLqBPrx8VhOI0CLOKLn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

63fcc9fc6cf4e04b4c3190ae61fbdd2540d37d73ea1d665a4ffd6d7324847a04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30973666
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 18609
expires: Thu, 04 May 2023 08:31:55 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DDC1 0
128 B 54ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=oEdECHDPO5gxJOppCDpIPLn3sT0EkuI9C4AjngB7DT2tb1UVf63UlD796NDPWPhplQ_MIkH1papUJNsOuGs4c6yLS0eDsFr8DBfW5xzylheLmTg62DSMb4y4yYnvg47eW0WIXoqOxS-DUviHRXSCABsZxkf5Xp5eI-c7KU86kggqX69FEyUdeYRyVQ207vgALjG9vOY5nVxNBkBTY1WKAp5_T0-SHU6e5IrrBwN6gifhbf-UNGFA2ycEdFEOK6bN4QPOqw&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:44:08 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame DDC1 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame DDC1 2 KB
1 KB 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 6BDF 2 KB
1 KB 22ms
22ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBIH_YtWAAE22OLakwdm83MgAgEDgQ&u=%7C%2B2ikcAIGH9W5xRZSmRGx%2BLGlta0Chs0ozJudaMWVXT4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA5hKUJQuFTAJdYxleDy0efHbqivfva4psifpQ3Jeczx6benwn03C8roVBBC2aOALaQEpHm5cC_E6kMvmXP9H-FJbq4p6GfB4VBFd8RCjiLxNFOlPn7hzry1Px0X0yoFkUnZPdhXhxBLOhMbHBo1R0oX4SMh3unis5ev-ziz4p9I-UuvdwHevbcAPAGtOJMCGb1STjeNyekFotYBIKKPkPZL5t6iikCd1CmfYCdSg_H73M-5dPLD9XLeZLB70ATnJUrfY_TUWawq-Od-6Gy6cnnkcIKa8WOuWnomgPi0lZYyVVnYzWlKOC9jrj7QeFvo5GxFCchyMGmE2iIKS4Wu8NdZ5nV12XdgWWyshoUQ9DmSJUr19yqr1PLoiUbHp0PgXc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDPSAmM56YpKoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEjgJP0OB1Hn9eFFed6nT_jJwgooD_6iT1WtgB0OK78_rxnQpQ4Ok8vjWy41flDpsFlLDOpO8MyYB_AM_O3Bso6komhrVS0bKnW_UNHkR5frhS4XOELxIBif4qHu3uGBHI-wZGe_O-5soKLY4N0vHKkKKfzri5o2d-EFWbcbX29wrg7khixTN0tc4p1wOc7Axnwc5IP0hlRC9c4sOrImlqOJj8YDAnh1ksf78V8HNb_1EIiuVJ0gSvbJFR61kjDTQgJN1Lbrmgm4HhrbZg-3_IrP4dSl2C7lbSTuceS0O2nh7KKU8VhpFqGcY2gV0TZ-7pGPkzLZ3Z0Sn2l2CTh6da_-mrfoXVltvA5P-AKrQA1qXgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1A8AqOjr4c1qE267pfUFDF27s0yw%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 6BDF 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 6BDF 308 B
636 B 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 6BDF 507 B
835 B 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 6BDF 0
689 B 130ms
130ms Image
text/plain 2600:9000:224a:0:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215448
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBIH_YtWAAE22OLakwdm83MgAgEDgQ&u=%7C%2B2ikcAIGH9W5xRZSmRGx%2BLGlta0Chs0ozJudaMWVXT4%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNTJmLEv97WHnUtKOrKYxIgy15bW8W2rqt8moXOmZ61Js1hV2A5U12MlBuvHpjHFyA5hKUJQuFTAJdYxleDy0efHbqivfva4psifpQ3Jeczx6benwn03C8roVBBC2aOALaQEpHm5cC_E6kMvmXP9H-FJbq4p6GfB4VBFd8RCjiLxNFOlPn7hzry1Px0X0yoFkUnZPdhXhxBLOhMbHBo1R0oX4SMh3unis5ev-ziz4p9I-UuvdwHevbcAPAGtOJMCGb1STjeNyekFotYBIKKPkPZL5t6iikCd1CmfYCdSg_H73M-5dPLD9XLeZLB70ATnJUrfY_TUWawq-Od-6Gy6cnnkcIKa8WOuWnomgPi0lZYyVVnYzWlKOC9jrj7QeFvo5GxFCchyMGmE2iIKS4Wu8NdZ5nV12XdgWWyshoUQ9DmSJUr19yqr1PLoiUbHp0PgXc&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDPSAmM56YpKoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEjgJP0OB1Hn9eFFed6nT_jJwgooD_6iT1WtgB0OK78_rxnQpQ4Ok8vjWy41flDpsFlLDOpO8MyYB_AM_O3Bso6komhrVS0bKnW_UNHkR5frhS4XOELxIBif4qHu3uGBHI-wZGe_O-5soKLY4N0vHKkKKfzri5o2d-EFWbcbX29wrg7khixTN0tc4p1wOc7Axnwc5IP0hlRC9c4sOrImlqOJj8YDAnh1ksf78V8HNb_1EIiuVJ0gSvbJFR61kjDTQgJN1Lbrmgm4HhrbZg-3_IrP4dSl2C7lbSTuceS0O2nh7KKU8VhpFqGcY2gV0TZ-7pGPkzLZ3Z0Sn2l2CTh6da_-mrfoXVltvA5P-AKrQA1qXgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1A8AqOjr4c1qE267pfUFDF27s0yw%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:0:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:09 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: 7tKl2_5s8zYN9-A9NB6SgKPTL_ClBB3JC7uhajNHtZuypbXrXZd7dw==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 6BDF 43 B
347 B 19ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=-v-RvueY1lTfXKpfqTBHIEZqRfRIQ4JBAkHnlUY4DEXm6vUk3CCvuzXozltvdr_X3XPVKfdFGnT8vP49wt8LuqbN_yJaO9RKH0pem2nZP8VHZEFmSkGUjg-Chnj_LtvP3Zax8cl6ulupGyug_cYdfGF1tOqj4nDsQpBDIbTFHNzDIJjrLx9_rGPhl4rFiwcMLL7HwmQE5nx-Mlzv6mY99D9-_Bv9Mfh4YbaEG_zeqSEKHSzzdigV1Qs10b093kHs9brzC7okaq6mhOYaefkN6JaqLvT6wUGY7jbM3l_sqXeCb0DWIPnBcBVqwxU3-JxyWLKWaMSPTFULfbGLH-R0_lELhX4pdm6TOqkg6UW7msViek4qpZFdZ5IO4FUIzFtb64VoJbQ2xWQWz0TIdHeTu8FDR4GvEkzdvMkGANSbp-3tv8XsFo3JiHCSt4SJdp5_amdVpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:09 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3591279
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 6BDF 12 KB
6 KB 15ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 16 KB
16 KB 16ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=104&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=596&s=VmpB6zKqWSQPc8u3HQtDjREj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29479238
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 16600
expires: Mon, 17 Apr 2023 01:24:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 2 KB
2 KB 16ms
15ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2Flogodrivetech-Fahrversuch-GmbH-171567DE.gif%3Feb%3D1&v=3&w=800&s=1GTJgbcAiVvY7_ggstT1IrP4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=845014
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1538
expires: Fri, 20 May 2022 15:27:44 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 2 KB
3 KB 16ms
16ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoAmprio-GmbH-201935DE-2106231706.gif%3Feb%3D1&v=3&w=800&s=HokYZuKMzPY0PkFyJnXtNULS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=995660
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2446
expires: Sun, 22 May 2022 09:18:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 2 KB
2 KB 15ms
14ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoStepStone-GmbH-148733DE.gif%3Feb%3D1&v=3&w=800&s=3Z7pKamwHk51W_XnQuTU03dr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2229348
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1770
expires: Sun, 05 Jun 2022 15:59:58 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 5 KB
5 KB 19ms
19ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoZenJob-GmbH-Extern-253922DE-2011231050.gif%3Feb%3D1&v=3&w=800&s=yNtVSyMvGQ7vNe6i3CJi6U6k&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 4833
expires: Tue, 10 May 2022 20:44:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 1 KB
1 KB 16ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FJ%2FlogoJS_Deutschland_GmbH_24984DE.gif%3Feb%3D1&v=3&w=800&s=kazlmmYaf1I4CAPjpV7VMXGz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=152047
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1100
expires: Thu, 12 May 2022 14:58:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 3 KB
3 KB 17ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F4%2FlogoABF-Pharmazie-GmbH-Co-KG-276589DE-2112061114.gif%3Feb%3D1&v=3&w=800&s=vJeTBViTBA0akNWov1NPb446&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

511dfce7c1f8030304d0d886e6f4a408a84e76c4a8ca8a1ca1a3414dcaf54dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2385082
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2770
expires: Tue, 07 Jun 2022 11:15:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 1 KB
2 KB 16ms
15ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FF%2FlogoIlle-Papier-Service-GmbH-280332DE-2111180848.gif%3Feb%3D1&v=3&w=800&s=74XW6ztms1yLBuCIA2_W-hQs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d5ea9fcb2a448ba0c621ea95e22d27827e79c5aabee99a0ccea258665e5f40a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1472702
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1450
expires: Fri, 27 May 2022 21:49:11 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 6BDF 2 KB
2 KB 19ms
19ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoAllianz-Lebensversicherungs-AG-DE.gif%3Feb%3D1&v=3&w=800&s=_0iOr2Jv9LeC6OLfhyKDagJs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8e32408791dcf728d85da76e62e561df1a30634d6c8da8e6f05ac58caa0e477a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:08 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2051154
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1624
expires: Fri, 03 Jun 2022 14:30:04 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 6BDF 0
127 B 16ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=kqQuKHDPO5gxJOpprjD5wVXrJZ2zD2x20YZamuEAmOjksxHhAgHxDw5rmVqti4i6n4UClFnWIjVlxhC5hwsbijV9ySubi1kZlJCJEqyN2lG9BRs_l_c6rC2FMySqntz3V3YK8dfHDh_uM0lOSOI2iHvlgrneqQGf7P7CO8uUeRCaOaMCtwTy7sdIjXCHJeq_fYqOAWZAu9XOAQLBdgk0xy4zCm6vF1XaTWiwIuzF9IjCsBrd-0XMX4_lDyafeWOH6NPMZA&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:44:08 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 6BDF 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 6BDF 2 KB
1 KB 15ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0673 2 KB
1 KB 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBcH_YtWAAE22Iqr_aCtBpQlYNsfPg&u=%7C2zDItZZ2ZeaqyfWoYxNdNfbqhoZOlO%2F1H8NfV7dRvhY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-BiSE6tqOp4TSHWJrbBq4Zx5EiaZHzu7j7YT2K9a8KlrcWhhIOFgyxfOcEjItwH773XWpBEXHstbggDGIoYt0FNRpRUVSX6Nu4D2v8l7UTWvmQVujuM_fWsEPnMz2tfNlN3Br1KmqsgdFf-e4a_85NWpmUVNGTTgRQUfZHfFjwBB_s4m8s8qWz5ZRoECNV0EX10esXFij8_ANFiMWb5o3MnFtyJlTDsRZ55FNIwWu_bUP_mqJP8C5JfXUwG9pbzVt1kF2CMZ_AoxzcvM3hzs8sgHB8C7Bk70W8-7-Nm9jxyGT59JCpnAgrOTJLeQeB_k2vG7Rjo-UjNwbxmMpMNn_QT4pHdWisqsVXBrp48VXwbRaWbJYuQTiesivOoAe-gXNAP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRljYmM56YpeoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiAJP0MLsBD59Jn1ZfILA_esXLkilV0MgAdh7kvt0Jlhi8scq1adX_julGm0dClqLXE3X50KYnP-u1ogBgyZL6Yv65aJYkdyl5zy59c-iNzL98jwzpRwv-OfEZzTMDlcfSM3UOXOiTA-5V0iAsic3SV2WePzmSB2D5ysAjzz_IYcY-8bA3i8DWtpZ_tNHDWnmAE0e_WUG9wKSCtwMBn1D8AtiIODSncBaO6yF-9FBeyBKRYHri5W3uNtzboU3PYOGfIeP_BIasNYj0x5nn05yNOAO84YcUeP1lwjsJ1GqqScnCmj-J7T7l1oLH1sNZ13eqqbEddpJzpfhhgTElkScNd9OsffDMeAp67PgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2haLB0RHIia1Ytr6QtKvTtShdlMA%26client%3Dca-pub-7011958834410891%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0673 2 KB
1 KB 19ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0673 308 B
636 B 17ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 0673 507 B
835 B 18ms
17ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 0673 0
688 B 128ms
128ms Image
text/plain 2600:9000:224a:0:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1652215448
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YnrOmAAHVBcH_YtWAAE22Iqr_aCtBpQlYNsfPg&u=%7C2zDItZZ2ZeaqyfWoYxNdNfbqhoZOlO%2F1H8NfV7dRvhY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvw29y1GxtacI6iVoVnLQ5srUOwC-sDBJIjvRCy3Ss-BiSE6tqOp4TSHWJrbBq4Zx5EiaZHzu7j7YT2K9a8KlrcWhhIOFgyxfOcEjItwH773XWpBEXHstbggDGIoYt0FNRpRUVSX6Nu4D2v8l7UTWvmQVujuM_fWsEPnMz2tfNlN3Br1KmqsgdFf-e4a_85NWpmUVNGTTgRQUfZHfFjwBB_s4m8s8qWz5ZRoECNV0EX10esXFij8_ANFiMWb5o3MnFtyJlTDsRZ55FNIwWu_bUP_mqJP8C5JfXUwG9pbzVt1kF2CMZ_AoxzcvM3hzs8sgHB8C7Bk70W8-7-Nm9jxyGT59JCpnAgrOTJLeQeB_k2vG7Rjo-UjNwbxmMpMNn_QT4pHdWisqsVXBrp48VXwbRaWbJYuQTiesivOoAe-gXNAP&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCRljYmM56YpeoHdaW9u8P2O2EkArJntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTcwMTE5NTg4MzQ0MTA4OTGgAdW20uoDyAEJqQLVLxohZquxPuACAKgDAaoEiAJP0MLsBD59Jn1ZfILA_esXLkilV0MgAdh7kvt0Jlhi8scq1adX_julGm0dClqLXE3X50KYnP-u1ogBgyZL6Yv65aJYkdyl5zy59c-iNzL98jwzpRwv-OfEZzTMDlcfSM3UOXOiTA-5V0iAsic3SV2WePzmSB2D5ysAjzz_IYcY-8bA3i8DWtpZ_tNHDWnmAE0e_WUG9wKSCtwMBn1D8AtiIODSncBaO6yF-9FBeyBKRYHri5W3uNtzboU3PYOGfIeP_BIasNYj0x5nn05yNOAO84YcUeP1lwjsJ1GqqScnCmj-J7T7l1oLH1sNZ13eqqbEddpJzpfhhgTElkScNd9OsffDMeAp67PgBAGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2haLB0RHIia1Ytr6QtKvTtShdlMA%26client%3Dca-pub-7011958834410891%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:0:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:09 GMT
via: 1.1 ed18d8ae19db26837eda53bbf8f03c08.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: MmTlVv5yeAU3sjloHK6sH_kbczf9efCKFk6Fzx1MiEB2b5nVJeOrag==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 0673 43 B
347 B 20ms
19ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=kaGfoOFtwMx5BkCzaq8HKeJFXfMNGu2DaGhyle6Zq3e9tkZBtsVf1VMeEcmZQ62mTQTwJIBm7mPLZ9tSWmgSfXYIHUz9YWOhPEMaCk0SLemi-die-J9oEvdiqPRiuZkxu86O5WiXCaBN46Iilg01f2VRG-hsEb0cSKXcn0OAXZ331_JVpkUHR8PouaWBJOTTrvZJYnz0bvgwFsfAQdhJ1eR0pdb39WnLNGkudsGazzVe8xzMS33KLZjIYhFlfSEN13o3dO1-yrAf9g4DE8KJf3Gbt2roL-zdlwydYIp7ReyJh5gO-N_OeipdFi_MLYxhtmfP82XKWtD-yhYhTqn2FJAmtqBpMysOBPbXji388JAadQ7PQ5xf9AQUAzZyYe6uZ96f6vESe9xn0O_BNTVk1JhVQ-88wTFgaBOYvAKCvPjSENUpi5I4mGD86_IJ4BESY8OaEA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:09 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 4298943
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0673 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0673 7 KB
7 KB 15ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=256&s=OoHbAbMjs34limBOASsMBFuJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29479237
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 7142
expires: Mon, 17 Apr 2023 01:24:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0673 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=WkOgUnDPO5gxJOppc5cqGwBHnK4EAkl5xVIlYgWrPwGX1vxdKKg5Z4EKvtve6hprt23Wad2sjNyqkmKJe-EtB9_0KIhvzUWct0iQNfVavw_4l9JJiFuSyrh6wUXeSZuXL05tczUqwAC7V1uSmAKD497gbgvIf8a6a9myhDTE3uFHySIfpqbqagzAdyTLy29yx366wI1GNVSEQuqWD5ZvMPQxDyzZKOxI8mrZQKQvWG1V30m-L6MSpvJHUSA&sds=2&rev=81468&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:44:09 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0673 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0673 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:09 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 05 May 2023 20:44:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 13 KB
11 KB 141ms
54ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022050501&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

25eac91c35a07f11e9fffac522ab6a37ac6648c30f353446d2b77c2ac3f0ce85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 10 May 2022 20:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10446
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 143ms
62ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022050501.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 10 May 2022 20:44:10 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 697B 13 KB
5 KB 39ms
39ms Document
text/html 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 7801
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 18:34:09 GMT
expires: Wed, 10 May 2023 18:34:09 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame B9EE 783 B
538 B 129ms
48ms Document
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3ae176c89ccdcc06bc953ab2ececc687997ea1bc520123d4cb23d3fcc6d07ef1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3TBD0+M5TC7/KjY6PKG3xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 516
content-security-policy: script-src 'report-sample' 'nonce-3TBD0+M5TC7/KjY6PKG3xA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 10 May 2022 20:44:10 GMT
expires: Tue, 10 May 2022 20:44:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js Show response
pagead2.googlesyndication.com/bg/ Frame 697B 35 KB
13 KB 119ms
40ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/6kAZB2R2IkMw87P0-iGviT-Bq_noDLkkkR6BhhZ9kEI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:15:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1705
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13523
x-xss-protection: 0
last-modified: Mon, 02 May 2022 13:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 10 May 2023 20:15:45 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame B9EE 0
0 106ms
105ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022050501&jk=1480295671358783&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 697B 0
9 B 38ms
38ms Image
text/plain 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?GFkdCA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

date: Tue, 10 May 2022 20:44:10 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2CE8 42 B
64 B 152ms
73ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvyCj3STIaBGmBgp8RN1sVDqQVN4OI8jN6erddNfKyk3vSbgRPPQBTAa9QVbCw6FHKhu5M6WbmOGnCYLd1ogLRf&sig=Cg0ArKJSzEFGXBkGGjXPEAE&id=lidar2&mcvt=1000&p=485,1052,765,1388&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=574321577&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652215449161&rpt=365&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5544 42 B
64 B 133ms
73ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssHSz1uqBaRLPiGl3DuuuWuv-dNpYAS_1P9bntsppXQ5dShLAI_VXSdiHbO7hU0k0hnci7W57q23hm25cS44yDy&sig=Cg0ArKJSzO-RTByRXiuiEAE&id=lidar2&mcvt=1001&p=1079,436,1169,1164&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220509&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=201602981&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1652215449167&rpt=398&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame DDC1 0
127 B 16ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:44:10 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

POST
H2 200 all
csm.eu.criteo.net/ Frame 0673 0
127 B 16ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 10 May 2022 20:44:10 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 84ms
83ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022050501&jk=1480295671358783&bg=!eXqlej7NAAZX5TVhd-U7ACkAdvg8WgUaxtZyePvJpcsXBNbqIMlqdV1A3_ZKS4xeaIIVugg8isEJwwIAAABFUgAAAAhoAQcKAJLMwUKmfg-XKNlo-vPTKnAHj49CvNP2uNA71gURrQsvmChp5t2MI2Bk8xyZCSr57NdOuDjm_PfILFEJ2GxPMW4oZMYu9SqqZvPViURiHkCtD9fQEijBs6jiXEw9sC4LWNqPR8U-V9eH-ec56UoH-V_cpf0n3Tn7scakGruIWWk8iH_TzBt3pnUF8GMUmn-Fu9IU05kCuJ1vgruwD8E1tmz98NxwE9Jfbviss5aOkgSegbTod4-PjhVumaEjmmCTjkn_ZtSjc1WTJnVinEdk5q9n664e9VKrSYGTomDfeuvYnhwmXKZtv7tYjkSL_Gdi-enf-xyka4jRT3eGcKYibYXpQfz0lYuCQz2p-tWu9Leo6DCkigDYm4cRGWAph5SFjctln-nZ1o_NrzjME5iQbZRfl_vGti5QGaqHJY-NnGLyKfhdtHjZbvMefVlvip87tHouV4yArg2qpRrk1l0G_uy5GAph2R_8RXlf8h5WFkMkB-htpP8983N-y81Ee2flG0DSZuas80yGRq1-PoKLvSfAcuWODXJAfAXXVVZRexQkohUfvjHp9nP_aMfO_DGyre0nxBsq5A0EPZH3lIyrYan-WBhtjcYp0jZmu5zqp7ALoPi8MIr8rFKsKaa6pcOLBdAry49LAKth5xmmibet3JI0U5FPBCJ0XTzWa8cc0hA5I58Ez3KVpX7utGiRIQaHIS39SKmPWqku-rXvEfj4iQUj0jfB9NsXZc_xlzagxUP0RmPxEbmyYjCNoHSDWTQC4uj2Jp3alBGdWaIiN4oS9Fwk6zbhDe_JLZKyUHia9PQgS81yLZb6CMqo4VB1aIZE5R1c3aQrW7_Uno9SXARQ_tJnkcfkkfjRePChc_lweykVG4N79jPbjWJnMLPShqlFJuDoQVa_qjFRJ0cbOD43GW-MBOD_fLYM8BXamFqfa76uToj3UuKB8g_rMlsy9HQ3asgiQYbvPjr_QpbCCwB_stYpolBZzecuJT93unWdUZzZkdX_rMooeYwIK2CVK9zJV8-vS2w6a8OlL6aavzlsECl9Pb5DBJhPUiRSKo4Tibe91HG6cj2yTB4eDTYF2VX2HtU7BiXW4DZUYO6F0TTLD7Seyff82jtGiYrhaivb0w
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.pua-unemployment-login.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36

Response headers

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
145 B 262ms
58ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=1&wv-hit=553182969&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&rn=60917263&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652215451%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510204411%3Au%3A1652215448646130186%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215451&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:11 GMT
last-modified: Tue, 10-May-2022 20:44:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:44:11 GMT

POST
H/1.1 200
OK log-viewability
log.outbrainimg.com/api/loggerBatch/ 4 B
325 B 340ms
85ms Ping
application/json 70.42.32.63
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to

Full URL: https://log.outbrainimg.com/api/loggerBatch/log-viewability
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 70.42.32.63 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 10 May 2022 20:44:11 GMT
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
X-TraceId: 4e70ca21673ca45a5f0fec999f0feaad
Content-Length: 4
Expires: 0

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
110 B 57ms
57ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=1&wv-hit=553182969&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&rn=414311438&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1652215452%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510204411%3Au%3A1652215448646130186%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215452&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:11 GMT
last-modified: Tue, 10-May-2022 20:44:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:44:11 GMT

POST
H2 200 87761349 Show response
mc.yandex.com/webvisor/ 43 B
205 B 52ms
51ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/87761349?wmode=0&wv-part=2&wv-hit=553182969&page-url=https%3A%2F%2Fwww.pua-unemployment-login.com%2Fnew_york&rn=576177907&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1652215453%3Aw%3A1600x1200%3Av%3A791%3Az%3A0%3Ai%3A20220510204412%3Au%3A1652215448646130186%3Avf%3Aa8mjecangl5v275zywhk%3Awe%3A1%3Ast%3A1652215453&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.pua-unemployment-login.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 10 May 2022 20:44:12 GMT
last-modified: Tue, 10-May-2022 20:44:12 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.pua-unemployment-login.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Tue, 10-May-2022 20:44:12 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

24 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.pua-unemployment-login.com/	1970-01-20 20:28:07	Name: _ga_2X191KKTRE Value: GS1.1.1652215448.1.0.1652215448.0
.yandex.ru/	1970-01-20 11:42:31	Name: yandexuid Value: 442490881652215448
.yandex.ru/	1970-01-20 11:42:31	Name: yuidss Value: 442490881652215448
mc.yandex.ru/	1969-12-31 23:59:59	Name: yabs-sid Value: 1881158351652215448
.yandex.ru/	1970-01-23 18:32:55	Name: i Value: EUJHg8eoaJ+W/CYGk5S1n8W5RE7642coK1LHrsBjlVDmO1XuZNScZHfff/I9dcpi50rZNHaWkjqgB+cbIdpVneEylkI=
.yandex.ru/	1970-01-20 11:42:31	Name: ymex Value: 1683751448.yrts.1652215448#1683751448.yrtsi.1652215448
.pua-unemployment-login.com/	1970-01-20 11:42:31	Name: _ym_uid Value: 1652215448646130186
.pua-unemployment-login.com/	1970-01-20 11:42:31	Name: _ym_d Value: 1652215448
.mc.yandex.com/	1970-01-20 02:56:56	Name: sync_cookie_csrf Value: 2617515518fake
.pua-unemployment-login.com/	1970-01-20 02:58:07	Name: _ym_isad Value: 2
.pua-unemployment-login.com/	1970-01-20 20:28:07	Name: _ga Value: GA1.2.2145794867.1652215448
.pua-unemployment-login.com/	1970-01-20 02:58:21	Name: _gid Value: GA1.2.1653241634.1652215448
.pua-unemployment-login.com/	1970-01-20 02:56:55	Name: _gat_gtag_UA_182103897_1 Value: 1
.mc.yandex.ru/	1970-01-20 02:56:56	Name: sync_cookie_csrf Value: 1579681664fake
.yandex.com/	1970-01-20 11:42:31	Name: yandexuid Value: 442490881652215448
.yandex.com/	1970-01-20 11:42:31	Name: yuidss Value: 442490881652215448
.mc.yandex.com/	1970-01-20 02:58:21	Name: sync_cookie_ok Value: synced
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1917182301652215448
.yandex.com/	1970-01-23 18:32:55	Name: i Value: Ph57qNtmVwDy64R7Ox58G7SB3ZgvEeyezv7TU2UkGrMDh2hWD3Qlg7wZOUsWUkSAczjTvBSrsIYO8LSinGd83PLxcrM=
.yandex.com/	1970-01-20 11:42:31	Name: ymex Value: 1683751448.yrts.1652215448#1683751448.yrtsi.1652215448
.pua-unemployment-login.com/	1970-01-20 02:56:57	Name: _ym_visorc Value: w
.pua-unemployment-login.com/	1970-01-20 12:18:31	Name: __gads Value: ID=2bd28df5dc541522-2229171c92cd00c5:T=1652215448:S=ALNI_MY_P-ysQKbAqL3aSsFR_0Nr1tlVLQ
.doubleclick.net/	1970-01-20 12:18:31	Name: IDE Value: AHWqTUleSNoz0vUsddhVPOrJjWFW6-QiuXu0NoIMkCOltNpAVl5LOs4zLWd2ugCln1c
data.ad-score.com/	1970-01-21 22:45:04	Name: token Value: hrAjIFsaZrPWE-0dt8-dJfjmyjmZGwrs

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.pua-unemployment-login.com/new_york Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a4544f23050fef402cf0422f6d1fb3ad.safeframe.googlesyndication.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cnt.trvdp.com
csm.eu.criteo.net
data.ad-score.com
go.trvdp.com
images.outbrainimg.com
log.outbrainimg.com
mc.yandex.com
mc.yandex.ru
mcdp-nydc1.outbrain.com
mv.outbrain.com
ob.cheqzone.com
obs.cheqzone.com
odb.outbrain.com
pagead2.googlesyndication.com
pix.eu.criteo.net
platform.foremedia.net
rtb.nl.eu.criteo.com
s.trvdp.com
secure-gl.imrworldwide.com
securepubads.g.doubleclick.net
static.criteo.net
stg.truvidplayer.com
tcheck.outbrainimg.com
tpc.googlesyndication.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.pua-unemployment-login.com
108.157.4.117
108.157.4.44
130.211.115.4
142.250.74.194
151.101.14.132
178.250.0.139
178.250.0.160
178.250.0.162
2.22.34.3
23.35.237.86
2600:1f18:e8a:cd10:3bb7:12f:ec6a:dc8a
2600:9000:214f:600:3:7e1c:5b40:93a1
2600:9000:223e:fc00:1e:6a6f:9700:93a1
2600:9000:224a:0:1e:a43d:b640:93a1
2600:9000:2251:0:d:3c0f:bcc0:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2001
2a00:1450:4001:827::2004
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
2a02:6b8::1:119
2a06:98c1:3120::a
70.42.32.63
02b5318a75e50e48ccddd6eac9eef067a275adc244f3c3f6186ed6b382d3f971
04e1f5f3bcc04d296fa4bd24e268a974667ea40eaaeacd747b0865b4595d33ea
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0dd3d558d8559d52065e99138474d86c2662e4d829147455c3614ce43021be09
0f48532ed0175b589d37f3325a8fc8974b8f7207a5414ac4ea548c1dc9b6d94e
193af24ee1ee57616c68f47ca4cc71c36fabb05b1afae6d15f4b0e267fc89c82
1acdc2684bd8b7adaff16a3484ffbfb6aba5d5f84c8f3b953b627d964f1dee09
1cfd32e37f8aba263101f06e8f702adfaef55a6601857cf5e2c6dd0b0388dcd6
230b8e43af25a1f4099b13b2467457f7c84ca9a37297cff2b0adc58fb6e11d09
25eac91c35a07f11e9fffac522ab6a37ac6648c30f353446d2b77c2ac3f0ce85
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a29e79bd75cc83eade181c4acc1c198786539997766b648bc21ed5aa7698408
2c87952cc1c23627496c7874271042bdb6af21efdf7cbf36ec4d98e6cec34d04
3616341a626ff768304cda8ac64aca4a6552ee71d542f2f5db100605ec798548
39d160e97e2bea07b0cf1c647259ffa4f0bd07069dba4e6c19a22d38b408510f
3ae176c89ccdcc06bc953ab2ececc687997ea1bc520123d4cb23d3fcc6d07ef1
3c24f134a6d815644ebf8a92b78322e5b927070050f13633f91509bf135b425f
4257ae7fef496cc1b81dd5e2fab57e8c938400c10b11566bf3a7fe41ff622f5b
43642f524e38cfd0c41e4a4e6769189dd2bd203e59062f876bad7e8945f66727
43d228bf71872649260ecd7b8dbfb329292dd719348c40e8a4c3ffb5bb141bde
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
511dfce7c1f8030304d0d886e6f4a408a84e76c4a8ca8a1ca1a3414dcaf54dd2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55ed920d444210fbe713cf81e8d6a615cd96d1b950b0704752209568e5754b30
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
639665b9e97aad7d30114d5b9b4d4b391d1ee6e870fd4515ec28e5a24c22863a
63fcc9fc6cf4e04b4c3190ae61fbdd2540d37d73ea1d665a4ffd6d7324847a04
6a9d8f9fe537fa5c85162022b0e0827fc319a4361388727bd8e1a6949833b542
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6f82e92f570144e5591909c4e61040ac0cbcb1024d0c0acc6a79abf7364d84ea
73a9eaebd1e51360e20a453fd080f7dc7ce220eb009c50c3337b41cf1b0db975
807d88ecc70a2cc1190dcd8e5f797138310a11e36f89f12bb4d71dda8cce0eec
8704f607741a4e0a4d82cf024d026c9e7c1d65241250c2223f31dca29a07dc15
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ceb3992861ed1fda25855c2e500e76842ae0d788405e50e3a9f45df36499cf6
8e32408791dcf728d85da76e62e561df1a30634d6c8da8e6f05ac58caa0e477a
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
930eb3f887b0f657812c12b21e1648e6955384adedca8aacab2855ed1d0b1acb
93319a3b1c194335463cccd1cf684f218fb7ef725dd40274dd033f5c389b6498
93fbf26c7da3d17b1d602ee05d91d63af89666e1c7df99fa9ea7656973102c9d
94bccc9b641ce0b4d8c6e0d75736d19c549ae58bf139e9d5ba5bfe8dad4a54cc
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
9d3a4411f186523148f4e4703a96f2259ee672b7b6133abe7953f243f571d7a2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3ea8a24f5910b9e5dc4d052708623c8a3608afeeffb17b11b8960071de25892
a3fb12e0586cb7710bc4ff3f906aa390cd18576b4d2a086389454e72c7f0b8df
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ab94a62fa44fdf084042025dd4a31e7efc881b755657d7ffc6e53e3b087a6b24
b0f5a0cc806846ed2f58fbb2740c4c7ef9ad190e401368493c1442b7dcc9eecd
b19999722a8d527a95ec2b9bbb3975413ba3ae1b25eedb666873491876f0c0cd
b591dbbdd781b3ee2d342a48864140edba332844de8aed0bfcb46e9339a50c47
b5bea41b6c623f7c09f1bf24dcae58ebab3c0cdd90ad966bc43a45b44867e12b
b9b69a3dd2271ada2d50dfe7bfaea402e8ae9d830cd245e34fac2437ca33158d
babb18965e9ca0d1953890df5b83fd4d714854b55e5af46dbec4bf768ab534c6
bc7efc48e5c37e8d392a52637dbdacc1b81c7ba29c8f10cd5a0ddb3cdd3fb180
bd4de6a3fc0fb68d6f76ba7b93514b96a92e585c295b5351c31ad92a4b0777ea
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
c4e268900181e28d01ff0cd9fdb1248126156d0701c2ee999081fae0f02bfb7b
c8dceb6734f4372797f53f1f49203d761cef7750009f12a2e92d2a16c90bbff7
cc5e65f3bf4a6f565b2e549b9b401450a1e7d283ffe50dd4a906b5375808b851
cccceafbf83aec903f0974b23f6c94fac56cebb332adc6d7fb48f4d957ff6329
cdbdaa122823601390c7dcbdd1afde33c2f1a432b8c5ff025c6137ee99ba541a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfaf60508a77b732490cebbf93a415622f5d33fc0a63f88365807b71a21c25b0
d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0
d5ea9fcb2a448ba0c621ea95e22d27827e79c5aabee99a0ccea258665e5f40a2
d637341e9d6d89752d08ae604391544a79e884fcb68c56a617c700b906555b7c
d93fae2bc8fe3a3b732c83a2202d51e4f793e1405a0350e193d3888243b40548
da524ab3b63b0729cef49c40106e10fe0f23483c0a761355cbbb7ee3742ccc28
dbe6a6b5b64bf6ea1a25fd5aa7c736f971111fa066ba856cde47432d02dc263b
df174ce03e6a22ad812e3301fa1cb4c94bb1c8fc36690e4077a958c4446eabb4
e16fe4288cd94baf606f7cb6c6ae75c11190d0d3ac08400baf30f7c15e9113b5
e2ced5cf4db64fc1682b897a729d686a971bb8b576b674d3e167175e7371e3f7
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e40143e736f525cb284279c368de9f5a44ab9278dba7911c1157d5ec0ba0a810
e442afceada3ad856d11b90bcc9ccfa5ee84182e6fa2125e5656ab00221f3f20
e467b8cb04f6f34bd50fa7f2f15a21d229f4403a8b88b25456219689377819ce
e680f84f5a15d5113b3d271f4f26456bbdd12103f70eaaf21ab08ef68aee9753
e760d7a664455560844fa5a08ec4b5fdfad4e317459ec480971a27e0ec6239e2
ea4019076476224330f3b3f4fa21af893f81abf9e80cb924911e8186167d9042
ecb02060fbb2cd5a6affe0d185aca6d9227a2c2fc53cd7b5be44ca9b95f2cec5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef6d8ff6a950a0640885449909435aa4c916bad8b234ddfe7ecb8b6831753f39
f02b9f630222ea616410be114b3154602919e62161356399be7cd45843136c57
f58ed6b86bc6f0e4c4c6aa24ba4be4e52b0ed20d49db0ff640e7f0729aa2be80
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f63c6de989281851ed59dfa1c06a7eecd4ab37f89453a7dd89150a2e1b8be469
f756dfbe6acaf000051e953483ef0b192ebde398a02a3b02342626d01e19cd2b
f8aadd68eb9c6abebf719b41cefb6466283be19d3154c9e51f38f0bac1bb7b82
fa878dbd6cc4e236980f3eac96da522eeeecd49c322b4f143432d1cf3d13170c

www.pua-unemployment-login.com Open in urlscan Pro 2a06:98c1:3120::a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

153 Requests

98 %HTTPS

63 %IPv6

20 Domains

36 Subdomains

31 IPs

5 Countries

1622 kBTransfer

4195 kBSize

24 Cookies

5 Outgoing links

Page URL History

Redirected requests

153 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.pua-unemployment-login.com Open in urlscan Pro
2a06:98c1:3120::a Public Scan

Screenshot
Live screenshot

Full Image

153
Requests

98 %
HTTPS

63 %
IPv6

20
Domains

36
Subdomains

31
IPs

5
Countries

1622 kB
Transfer

4195 kB
Size

24
Cookies

153 HTTP transactions
4 data transactions