rosefile.net Open in urlscan Pro
2606:4700:3034::6815:5db8 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://t.co/eyrF5BKa8r
Effective URL:
https://rosefile.net/58lno8283h/PDL33.7z.html
Submission: On October 01 via manual (October 1st 2022, 3:19:14 am UTC) from SG — Scanned from DE

Summary HTTP 173 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 6 countries across 32 domains to perform 173 HTTP transactions. The main IP is 2606:4700:3034::6815:5db8, located in United States and belongs to CLOUDFLARENET, US. The main domain is rosefile.net. The Cisco Umbrella rank of the primary domain is 949443.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on December 30th 2021. Valid for: a year.

This is the only time rosefile.net was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	104.244.42.5 104.244.42.5	13414 (TWITTER) (TWITTER)
14	2606:4700:303... 2606:4700:3034::6815:5db8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:806::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:400d:806::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
22	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
35	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:214... 2600:9000:214f:6e00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:1901:0:7... 2600:1901:0:76b9::	15169 (GOOGLE) (GOOGLE)
12	2606:4700:20:... 2606:4700:20::681a:bd1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:807::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
1	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2 2	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
4	142.251.39.2 142.251.39.2	15169 (GOOGLE) (GOOGLE)
1	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
1	198.47.127.19 198.47.127.19	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:20:... 2606:4700:20::681a:61b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700:20:... 2606:4700:20::681a:ad1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	142.250.185.134 142.250.185.134	15169 (GOOGLE) (GOOGLE)
3 3	104.111.239.217 104.111.239.217	16625 (AKAMAI-AS) (AKAMAI-AS)
1	148.251.139.77 148.251.139.77	24940 (HETZNER-AS) (HETZNER-AS)
1	2606:4700::68... 2606:4700::6812:7f05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	18.132.138.70 18.132.138.70	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.42 65.9.66.42	16509 (AMAZON-02) (AMAZON-02)
1	99.86.4.94 99.86.4.94	16509 (AMAZON-02) (AMAZON-02)
2	18.135.86.50 18.135.86.50	16509 (AMAZON-02) (AMAZON-02)
173	38

1 104.244.42.5 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700:3034::6815:5db8 (United States)

ASN13335 (CLOUDFLARENET, US)

rosefile.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:806::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:214f:6e00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1901:0:76b9:: (Kansas City, United States)

ASN15169 (GOOGLE, US)

prod-rtb.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)

as.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:807::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.215.191 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.2 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s37-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany) 1 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 2 redirects

ASN13335 (CLOUDFLARENET, US)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:61b (United States)

ASN13335 (CLOUDFLARENET, US)

static-de.ad4mat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::681a:ad1 (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.134 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.111.239.217 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-239-217.deploy.static.akamaitechnologies.com

www.awin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.zenaps.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 148.251.139.77 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.77.139.251.148.clients.your-server.de

banner.congstar.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:7f05 (United States)

ASN13335 (CLOUDFLARENET, US)

www.conrad.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.132.138.70 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-138-70.eu-west-2.compute.amazonaws.com

track.webgains.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-42.fra56.r.cloudfront.net

analytics.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.4.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-94.fra6.r.cloudfront.net

cdn.track.production.webgains.team	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.135.86.50 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-135-86-50.eu-west-2.compute.amazonaws.com

api.webgains.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	criteo.net static.criteo.net — Cisco Umbrella Rank: 636 pix.eu.criteo.net — Cisco Umbrella Rank: 8597 csm.eu.criteo.net — Cisco Umbrella Rank: 8499	494 KB
22	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 143	296 KB
16	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 ad.doubleclick.net — Cisco Umbrella Rank: 163	56 KB
14	ad4m.at as.ad4m.at — Cisco Umbrella Rank: 29897 ad4m.at — Cisco Umbrella Rank: 10156 assets.ad4m.at — Cisco Umbrella Rank: 37542	457 KB
14	rosefile.net rosefile.net — Cisco Umbrella Rank: 949443	112 KB
9	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 14567 ads.eu.criteo.com — Cisco Umbrella Rank: 8466 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10688 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 12829	168 KB
4	gstatic.com fonts.gstatic.com	99 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	175 KB
4	google.com adservice.google.com — Cisco Umbrella Rank: 76 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	webgains.io analytics.webgains.io — Cisco Umbrella Rank: 22113 api.webgains.io — Cisco Umbrella Rank: 59808	31 KB
2	awin1.com 2 redirects www.awin1.com — Cisco Umbrella Rank: 16217	1 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 429	2 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1499	1 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1 KB
2	ad4mat.net prod-rtb.ad4mat.net — Cisco Umbrella Rank: 126281 static-de.ad4mat.net — Cisco Umbrella Rank: 172134	4 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	10 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8962	914 B
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2852	361 B
1	webgains.team cdn.track.production.webgains.team — Cisco Umbrella Rank: 69712	85 KB
1	webgains.com track.webgains.com — Cisco Umbrella Rank: 49931	2 KB
1	conrad.de www.conrad.de — Cisco Umbrella Rank: 68381	655 B
1	zenaps.com 1 redirects www.zenaps.com — Cisco Umbrella Rank: 19602	697 B
1	congstar.de banner.congstar.de — Cisco Umbrella Rank: 80410	518 B
1	rubiconproject.com 1 redirects pixel.rubiconproject.com — Cisco Umbrella Rank: 336	456 B
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 647	166 B
1	openx.net rtb.openx.net — Cisco Umbrella Rank: 1470	352 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 979	463 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1519	753 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 862	643 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	74 KB
1	t.co t.co — Cisco Umbrella Rank: 495	570 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
173	32

	Domain	Requested by
35	pix.eu.criteo.net	ads.eu.criteo.com
22	static.criteo.net	ads.eu.criteo.com
14	rosefile.net	t.co rosefile.net
11	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	pagead2.googlesyndication.com	rosefile.net pagead2.googlesyndication.com googleads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
10	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net t.co
6	assets.ad4m.at	as.ad4m.at
6	csm.eu.criteo.net	ads.eu.criteo.com
4	cm.g.doubleclick.net	googleads.g.doubleclick.net rosefile.net
4	ad4m.at	as.ad4m.at ad4m.at
4	fonts.gstatic.com	fonts.googleapis.com
4	as.ad4m.at	googleads.g.doubleclick.net as.ad4m.at ad4m.at
4	www.googletagservices.com	googleads.g.doubleclick.net
3	cat.nl.eu.criteo.com	ads.eu.criteo.com
3	ads.eu.criteo.com	googleads.g.doubleclick.net
2	api.webgains.io	analytics.webgains.io
2	www.awin1.com	2 redirects
2	ad.doubleclick.net	2 redirects
2	ssum-sec.casalemedia.com	2 redirects
2	e.dlx.addthis.com	2 redirects
2	fonts.googleapis.com	cdnjs.cloudflare.com
2	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	region1.google-analytics.com	www.googletagmanager.com
1	cdn.track.production.webgains.team	as.ad4m.at
1	analytics.webgains.io	track.webgains.com
1	track.webgains.com	as.ad4m.at
1	www.conrad.de	as.ad4m.at
1	www.zenaps.com	1 redirects
1	banner.congstar.de	as.ad4m.at
1	static-de.ad4mat.net	as.ad4m.at
1	pixel.rubiconproject.com	1 redirects
1	image6.pubmatic.com	googleads.g.doubleclick.net
1	rtb.openx.net	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	prod-rtb.ad4mat.net	t.co
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	rtb.nl.eu.criteo.com	t.co
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.googletagmanager.com	rosefile.net
1	t.co
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
173	45

This site contains no links.

Subject Issuer	Validity	Valid
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-07` - `2023-03-06`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-12-30` - `2022-12-30`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-27` - `2022-12-29`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-03` - `2022-11-05`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-01` - `2022-11-30`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-02` - `2022-11-01`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-08-21` - `2022-11-23`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
prod-rtb.ad4mat.net GTS CA 1D4	`2022-08-16` - `2022-11-14`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh
*.webgains.com Amazon	`2022-06-14` - `2023-07-13`	a year	crt.sh
*.webgains.io Amazon	`2022-08-23` - `2023-09-21`	a year	crt.sh
cdn.track.production.webgains.team Amazon	`2022-09-29` - `2023-10-28`	a year	crt.sh

This page contains 17 frames:

Primary Page: https://rosefile.net/58lno8283h/PDL33.7z.html
Frame ID: 52FE8E7DE47BE7FFE351B26ABE478980
Requests: 29 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html
Frame ID: 292596052B0474EE4EDBB172C4A6F08B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271
Frame ID: 3123E6E2CC55F6389A2D10828D8A9275
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=3099582606&adf=3803042755&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347730&bpp=1&bdt=317&idt=272&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U3BwgrZTzM&p=https%3A//rosefile.net&dtd=276
Frame ID: 7B93717E723053CC818FDE23B938ACD6
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&adk=1812271804&adf=3025194257&lmt=1664594348&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347743&bpp=2&bdt=330&idt=266&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90%2C1110x90&nras=1&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=271
Frame ID: B6688285998221EF1C8F0699DB79AE22
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAD_IoK4FqFAAqf4-lvT2-SjfTe2u6ogQ&u=%7CgonU6PUF9UWBayP5FDcyljczMxavQc1eM3nlnQgFlxY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g9RtzwykkhATwVkapf3sZPJuxEWSKUi8imE__dT4qYDjIBLFSwMULw8P_Mi2fWvrRBfFZon9Kx8XlHNrda6XlurQg_2iaT7nzgZHkvx22h2FYcBjeHbPmlc5m8BBYpJAJaAaqsyWyXBJvgPSb1VqobDs9bdLvPka2K-ApvJtHdTaDpVR3JRa5yzAzfXJl5Xd0HxjvQlcCVjiX0o_g82lqbApw9e2AhwDB0E5B1hT0WSdfm9Fhf0O3wlj9XiQENtMe4vAJmpNEPjMAmion3ujzuG4QHmawF6xvd8sSJpdcMDXnB-XZlrXC0hZFm1USONXwuV-Zy_8Yq97AXk7eSWW6vNJFQFLaJ8aIUunsTsr3hnIDfNWGafxpB6WC3IKvJz-5W2_rEelVMOdAr4seRlJd7D3bbRUy3YpNMH6z-qCgPCSs8_Os6xR8YiNUbvPj4oKho6NfUSnYqpUclkbKaa4cnWoyZIAopXU2n1qpUoPticohW0BOg4oRT2ZZEwNeh-ajKmu-IWPgd-5zRhqXs90FyfaHo565_i-1I4ElfZIgTG_BeaqPKIwdW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLIoirLE3Y4r5D4W1gQfjv6ooyZ7SsVy9jpf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NDQ5MDc0MDk4NDY2MzExoAHVttLqA8gBCakCFoTab7hxsD6oAwGqBMEBT9A2sfng_momAByvG1gnkWBuBBjCjt_dg5H5dN1nBZn90rWUoqkRvi8D3TRPMzgLYAO8BaKLO0hSh51xgVp_WzBxr1HAykcMn_tTZIcIXIjWSsHj-Irt0qR7HXZYIUoO0PjDSi52yCclutlA825lMUdp0shcqhO6lFts54TYDyPuKH0bpup_lhEcJx5fQIZra2Vl3reEK10jMqY_vPp7CPEHa4AkKjdTE-CfkvHgpuxlO8hSm8kvImHZg88O6VPdioAG3IqBvYCDxve2AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26WMCn9dFrVhifK4KP1i1y36g0ag%26client%3Dca-pub-7449074098466311%26adurl%3D
Frame ID: 00778A9C00726360C3C772DDFD854370
Requests: 35 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAD8oAK3r1WAAQrOxfyRsxPAp0GatCmVw&u=%7CgonU6PUF9UWLWnfaxz8NeL2IhTHsCADeYEAVh8plNg0%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI35X_pU8_0OeqpOBfOVOB3Pf9SBNM6eCrMqJEjLQw5nO1pVc3ungIVjwni_B2QtiuSUrcGyQsp4Xx6KNtieR8ByNJk0t77wMRMjzAFAyiwV2wjJWgTjrjDF2QyWzvMOa9kRKjXbyIL4siWRueuD3jEPJXpkJX8U9_1oPGgmqxWOkTqQYP8nosrIvKcvHkD2hJJJ23N4_4fJk7NB-5tZ80nUI66RESWeAZR-NuG_Z0nG6yaFZRDr0rQrvTKB3MOKfl85_UEn_ASPDDAZZQs5Zz7myLsyVfR-egYnZZ1ww-p_SeN8vz_Ia2QpIL6KZTYkr0bh7Ap0_LeF2Yh_yVVPDH7KO5AKDdhrmexYXrAixaDliAGiS9FAdzB3b5C3feullSwXZmcOhM37wn6B-uQ0cQdIMy_Bq3nQDtU-ysSPJxdzNhWcAeVL2S8rmBN3UvWPLdjrUs8bhfcgg83RBurFrwPHlMJ9gTnRK31_qhDQ8hyOERnN9WOQuRIHs5M1Bkml9hyvlg4SNSkqtMY1_ctMu0jOk-7HUVcUZ5lruYRi219YIv8Hsn8XtS5Os&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ-_VrLE3Y4DlD9b6-ga71pCID8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgTBAU_QYaStIAIfEm8D-g3n5XsTFiJ0h0tQSMzNoJ9qPUOugtJm75WlhKTf8dujhZqVOsrVsbgY1USGmcD4PS_5zrqnU4NMbHgMTmE_Sc1pLv8E_PWSuo5tTkYBo6A24HrB43ebJPQlmmw57kMYPNJ54VlfpDDwAceIlwBhLpTh_dl7eSJyEamDf8L6_HS557ORJ8XieAMPTBWlYjOKn8eweqyT1w_kyYkKbSyP13jhTe0UEU7AcO90PfREOuH9in_eJVyABvjL7tXPrIbYiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2T8rOB4tCIWD2CjiCcYKq5JE7Jqg%26client%3Dca-pub-7449074098466311%26adurl%3D
Frame ID: CAE143FFCA7DC49EEF64B6DFBE895DA5
Requests: 24 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1664520975957&w=1200&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=1&to=qs&pwprc=1398849173&psa=0&format=1200x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594348489&bpp=1&bdt=1075&idt=1&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6279cd99ffc39c61-225c8e4f33ce0028%3AT%3D1664594348%3ART%3D1664594348%3AS%3DALNI_MY8-p9ne6GLggTD12u6rLf5nNhANA&prev_fmts=1110x90%2C1110x90%2C0x0&nras=2&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=A6Mk9TZkvh&p=https%3A//rosefile.net&dtd=16
Frame ID: 49FEFC794D426AF3F0FFE029D7F29DD1
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
Frame ID: 45E7257209A16686AC6C3669B2CA8BC9
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAEAcgKe7AFAAPW97QCzgeZ16Dsd1jeEQ&u=%7CgonU6PUF9UXvgvIOdh%2FSfp1G4Eik0J97s4yCHl9mYBE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXRYIB48iHA-NoQ3zlbXygcXPig9aPHB3P4a5X50E3kr3AnrRSBhy9tK2bXCumaaZzN2sbeFRcSEUhdWfiEK5pvEP0OKazF1RFhGTk032_hNZXaWcMSDJLjIMd_OqOFf48ZWUePDtsVaBU0BQ-pEn6H6pcKH8a884YMtogxG2yM57pzq24G1UJZFYTeq8pedsCBGarSCy8dG6Vef-rWEWPi4CKYi4SpMHesp1ucjtG5tbpaBS3dXrYCaLP8Qif73JH_FqpHwEbf2Bieh6YCBdPjsOjoaWt8lHbfeJVRiD1wmaUdC3J4vBt0FvHv3wHKYfVE8HHiHdO9F8l3nHbYzkVFC7F4BTDrPpisFWYwQdZbjoKFFjJGJNKjr8qbF1NFJuBWgMqW-di04K7hivoB5ypK7U6m941b22jAln-TQIt55i0uyoUNlxp3vxs8POayndfdkrxyY4Zvr2Jk0RMwQNnnLJQoVj0XGsFjEZY4FeTOiOhRRwOSQOU-uwQEXfALGr76O0I0pRbMXfb9OfYWmtwJ-gg43qY14gte2GLpZqk-kKw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFX3grLE3Y8iDEIXg7gP3rY-gAsme0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgTCAU_QOTQcGKg1VDdEKW0nJMlvCFqcYjUizL7XePU6AqbnsFaCPHK4odjK1lu77ndcgUf6GF0WrHTLAKa6rfFtPgeDst5MoyCbFW9oi8XeoyCBcD2VeJO-dFhTQVY26NAs3sfc8243U_Q_CDAkmXH4I0qlvSuTnuZVSdjLfrSl1iAgCmTwG7rDykkLvbNjgBNegpR6b-N-nYD-LM7Jo_6Jco_hqXLD-F9riKIm-MT5FA377u88ckKWL3ngndoss608S12IgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_22RubeTXQ10P78njGA3jO_MHBO6g%26client%3Dca-pub-7449074098466311%26adurl%3D
Frame ID: 61BCF8D1819E4ACBCB97AA9773F12BE1
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/adview?ai=Cm-QErLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExAFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhCErRuIaTPxtMzkiUTE_vIzDwbf2w8Uk7X3Dls2v3UxOfz9MsXgxgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc0NDkwNzQwOTg0NjYzMTEYAA&sigh=D2MTWQ5wAiE&uach_m=[UACH]&cid=CAQSOwCsnQUx0Jc4oS4yJ8632Szj3Ba9N3hqgfDmcYd7sxC7SODD1EDj-U3tvECTYmICCzeYtrpj1LQ_inFtGAEgEw
Frame ID: 5B8D8D993E3F2A975B93C20969E6CD9C
Requests: 7 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/dr?ed=1g5nra2xgmnnjapr2bbsk98w9syr11759kthabxcs6jqemc18r0evj5mrtp947sqsf8bea0yvyjmbtgkwrha3v5x1z4n735y9kabftveeyncc94tvd740atmvye99eb17qwns97ke21p2sr2nffannk2vn8at26htyb2pb1p5nac5evme8tsh08pzkkb48z1an4jwq7pkcy8ak1b3p3kfcd2jgcs8tcrv50jhqwrjyyaa5xezb38ehbkdctyw6twj40d8a32xs5skexgmzh22ha4ktaab8fw43ygzgk5mq729f45mhr1m190zte2h5e667rp232yjpse7ptdv1nvhp323ngx6zcynn6rmqf9dqvw2ew9kzxr501et2ypfdvq5hdtwwrkvrzfpfjc07d587w4dkzrhehz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%26client%3Dca-pub-7449074098466311%26adurl%3D
Frame ID: 78D10C2D5C32F71F9A64B398D789AFBB
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B4C6A5E9367B41952CF4E1DC5A6CDF69
Requests: 9 HTTP requests in this frame

Frame: https://ad4m.at/frame.html
Frame ID: 872C1BFEEF50E798E70C80A9A8B5464B
Requests: 1 HTTP requests in this frame

Frame: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Frame ID: 63023A8E62EC4F79EF2E1C7EEECE4AE6
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F0049ED9143379B84444642B21D241DA
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D688E8C9DF908A582CA0CC70B01C440
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

PDL**.7z - RoseFile

Page URL History Show full URLs

https://t.co/eyrF5BKa8r Page URL
https://rosefile.net/58lno8283h/PDL33.7z.html Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

SweetAlert (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

sweet(?:-)?alert(?:\.min)?\.js

Webgains (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

analytics\.webgains\.io

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/

Page Statistics

173
Requests

97 %
HTTPS

60 %
IPv6

32
Domains

45
Subdomains

38
IPs

6
Countries

2071 kB
Transfer

4131 kB
Size

34
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://t.co/eyrF5BKa8r Page URL
https://rosefile.net/58lno8283h/PDL33.7z.html Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 130

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_1IjmpDksfGsNiAjzwUCPo_-CfTCR6Blx7v5PG5CNmS8lEA1KV3LNmNvRq9l5vmNEuUQ7mw6BbC5xznfmGSPb09529d08&google_gid=CAESEFUUurkyPFtvj8PKVkVfkH4&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_1IjmpDksfGsNiAjzwUCPo_-CfTCR6Blx7v5PG5CNmS8lEA1KV3LNmNvRq9l5vmNEuUQ7mw6BbC5xznfmGSPb09529d08&google_gid=CAESEFUUurkyPFtvj8PKVkVfkH4&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMDEwMzE5MDkwMDAxNDE5Mzg3NjkwOQ%3D%3D&google_push=AZmPxg_1IjmpDksfGsNiAjzwUCPo_-CfTCR6Blx7v5PG5CNmS8lEA1KV3LNmNvRq9l5vmNEuUQ7mw6BbC5xznfmGSPb09529d08

Request Chain 133

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENU5ZLUO6WTIe6aUeMGJdHk&google_cver=1&google_push=AZmPxg-5iI_jYZwLKoxk23nhxD7_7h_r5HI1I4hoEH5ip5uMX7Ak5pp1A8OS_n8F3JZf3MYVXGKoWucgjNTemln7_ocRoIPj7mw HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQQ0hXN0ctUC1CVUVU&google_push=AZmPxg-5iI_jYZwLKoxk23nhxD7_7h_r5HI1I4hoEH5ip5uMX7Ak5pp1A8OS_n8F3JZf3MYVXGKoWucgjNTemln7_ocRoIPj7mw

Request Chain 134

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGxyd7XCptXsgkngYr2Gb0Y&google_cver=1&google_push=AZmPxg9WYXAD-lE0dvjkYeQ1s2bZfMYR5XYFGsyQNOfw2uA_FGPvWZtoFKKdYeP09u7k14NYkRn9VrAmQbuDC1f1UwRzs4FgjQ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGxyd7XCptXsgkngYr2Gb0Y&google_push=AZmPxg9WYXAD-lE0dvjkYeQ1s2bZfMYR5XYFGsyQNOfw2uA_FGPvWZtoFKKdYeP09u7k14NYkRn9VrAmQbuDC1f1UwRzs4FgjQ&s=184023&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGxyd7XCptXsgkngYr2Gb0Y&google_hm=YzexrTAdVYCMGz5-BqhH2QAABGMAAAIB&google_nid=index&google_push=AZmPxg9WYXAD-lE0dvjkYeQ1s2bZfMYR5XYFGsyQNOfw2uA_FGPvWZtoFKKdYeP09u7k14NYkRn9VrAmQbuDC1f1UwRzs4FgjQ

Request Chain 149

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLCjqZeJvvoCFUMT4Aodq2QLVg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3A%2F%2Fwww.awin1.com%2Fcawshow.php%3Fv=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1664594350_d0c71c70-4137-11ed-96b9-2237162cbb98

Request Chain 154

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=412871&pv=1&pref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0 HTTP 302
https://www.zenaps.com/cshow.php?pvr=d0a11de0-4137-11ed-96b9-2237162cbb98&v=11354&r=412871&q=377133&s=2470167&viewref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&pv=1&gdpr=0&gdpr_consent= HTTP 302
https://www.conrad.de/ztpv.php?awc=11354_412871_1664594349_d0a11de0-4137-11ed-96b9-2237162cbb98&insert=AW&&gdpr=0&gdpr_consent=

173 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 eyrF5BKa8r
t.co/ 291 B
570 B 152ms
119ms Document
text/html 104.244.42.5
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://t.co/eyrF5BKa8r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.5 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private,max-age=300
content-encoding: gzip
content-length: 197
content-type: text/html; charset=utf-8
date: Sat, 01 Oct 2022 03:19:07 GMT
expires: Sat, 01 Oct 2022 03:24:07 GMT
perf: 7626143928
server: tsa_o
strict-transport-security: max-age=0
vary: Origin
x-connection-hash: 877a56fb2d20268d59d1de2d77956faed9fa133ae8fe7fde400d78344cc80724
x-response-time: 111
x-transaction-id: 3a8d5f406dec329f
x-xss-protection: 0

GET
H2 200 Primary Request PDL33.7z.html Show response
rosefile.net/58lno8283h/ 16 KB
6 KB 243ms
199ms Document
text/html 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/58lno8283h/PDL33.7z.html

Requested by

Host: t.co
URL: https://t.co/eyrF5BKa8r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

824b7b927b4bb8fb7a8d470e415e1cbc73797fbb73cedc1721da512c2d062992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://t.co/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-cache-status: DYNAMIC
cf-ray: 75320e0e0e30918c-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Sat, 01 Oct 2022 03:19:07 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gjy3e4jwgyCVFB7fhbBEGQOJgoWehb6yOMKjjyx61A6%2Fs5DwVuQCv%2Bgz2ur7%2BGW2wL5oudNQWVlvVRRCvlTtHAg0NqRooJDwZG%2B2RVsJfNMzrkAc3H5o3CcLiXqLobbbb1gTNp9Ot3SLHl4%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=31536000
vary: Accept-Encoding

GET
H2 200 bootstrap.min.css
rosefile.net/includes/js/bootstrap-4.6.1-dist/css/ 158 KB
25 KB 24ms
22ms Stylesheet
text/css 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/includes/js/bootstrap-4.6.1-dist/css/bootstrap.min.css

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Origin: https://rosefile.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 38570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 13 Nov 2021 01:54:17 GMT
server: cloudflare
etag: W/"618f1ac9-278e1"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SLXZPydKe4zrHoBtyNqWxkemkxE9OL%2FZLo3%2FR8pG89BIVK90%2Fxji7DzGdyoleJ8lb4eI86qf7rmzvIiCz4YyM6it2HCwI6DxS5bGbnv046%2FGP2JP1soAseGA3Yu%2BtATL0HE7D41CgZBja4Q%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=43200
cf-ray: 75320e0f5f15918c-FRA
expires: Sat, 01 Oct 2022 04:36:17 GMT

GET
H2 200 common.js Show response
rosefile.net/includes/js/ 8 KB
3 KB 36ms
36ms Script
application/javascript 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/includes/js/common.js

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

544e17f490a8d3f512d7348b79eeed28478f4d04c10ec16b6ea8a4844fd57b48

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Mon, 29 Jan 2018 16:42:54 GMT
server: cloudflare
etag: W/"5a6f4f0e-1ee5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qaedPOaNhrBAW9qFVG7AmQtaAFbrcH3WIH3VOG6sK4aNqA%2FqTp4OHO24M6cRgfkZUlyB%2FwGfSs%2FXAjJvTC%2BY0joEGvV8gwnrZDUSlIutg62IOk2BUjIDMO8BWmVKyxYFzeGUFOzVVrrJn%2BM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 75320e0f5f17918c-FRA
expires: Sat, 01 Oct 2022 10:15:14 GMT

GET
H2 200 jquery.min.js Show response
rosefile.net/includes/js/ 85 KB
31 KB 24ms
23ms Script
application/javascript 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/includes/js/jquery.min.js

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 13 Nov 2021 02:04:32 GMT
server: cloudflare
etag: W/"618f1d30-15283"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=P5T2%2FFByVAySn8OargLbwlgpI6JnjhCVmZx34Wp5DvEW%2FVU9TomaKa9tgwvxZ%2BG%2BZPA8LeTUoX6UQwH0iJUgosXw6hGqJdLtsTXrEdayQThm5DLRr9xFU21b%2FgTErh55fkclT07lg5Z1Rxw%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 75320e0f5f18918c-FRA
expires: Sat, 01 Oct 2022 10:15:14 GMT

GET
H2 200 sweetalert.min.js Show response
rosefile.net/includes/js/ 40 KB
12 KB 22ms
21ms Script
application/javascript 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/includes/js/sweetalert.min.js

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 18233
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 13 Nov 2021 02:07:50 GMT
server: cloudflare
etag: W/"618f1df6-9f68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=A8PjaKeXvoyafev1m8%2FC1UrwLnqL3kCcwr8kBRBCqmDFEgc8CFs9n%2Fe0houydDuicVI31GqGMc39IoJe%2BzcoywiNay%2BTJnQNPogj9u%2B6G2D%2BZhDMJjC5hueCuvhWM1Ui3ZBqgbxb%2BHstzeQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 75320e0f5f19918c-FRA
expires: Sat, 01 Oct 2022 10:15:14 GMT

GET
H3 200 logo.png
rosefile.net/templates/rosefile//images/ 2 KB
2 KB 25ms
24ms Image
image/png 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rosefile.net/templates/rosefile//images/logo.png

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a6ea949af9f144c644f0efa2bf5a862fdffc4e1b79e54eb7bad499d833dd0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 741566
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1935
last-modified: Fri, 25 Dec 2020 21:00:36 GMT
server: cloudflare
etag: "5fe652f4-78f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zahbCUaeXkQV3uZV4YChdLbQok3hiQq5StvIoO0xXMDznpQOz8ki%2FdFFsxEmwXpvCfapqCJ7PREwfKgu2ja1S6LArj8%2BF%2B96fb%2Fuaa2ZP2vfr5oNAeU3P23d09x%2FqNqLeNq%2BLEtXNEjjI5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 75320e0faf92927a-FRA
expires: Sat, 22 Oct 2022 13:19:41 GMT

GET
H3 200 lb-script.js Show response
rosefile.net/includes/js/ 2 KB
1 KB 14ms
14ms Script
application/javascript 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/includes/js/lb-script.js

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af9b453633ef8b4d82e35188507219e0be990b62f20e6666e8e9a275582b7738

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 9079
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Wed, 26 Jan 2022 03:04:17 GMT
server: cloudflare
etag: W/"61f0ba31-608"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NI7kt7PAQ9yrQYRwNZwU%2FMWYp9t1SNXin0ux44pDkDM6Pjo77loujsGCRUjbfe3GOje7iwZL7sARpAoR5XF4KNSMgd0lrTvYUwqJLfFGNPD8nFbS8igDBiA%2FeLZTqZgBZ0MmLKoj1rvyfKc%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 75320e0f8f77927a-FRA
expires: Sat, 01 Oct 2022 12:47:48 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 163 KB
54 KB 183ms
79ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

807c3056d593e0c991a5f64df1b6221e893cd12a9f71b24b65e81c4165401c67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54789
x-xss-protection: 0
server: cafe
etag: 473999096718010031
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 01 Oct 2022 03:19:07 GMT

GET
H3 200 n.png
rosefile.net/images/ 567 B
1 KB 24ms
20ms Image
image/png 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rosefile.net/images/n.png

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f08712b803758a5884bdf37afe9af65da76fb200c21e4231bd2cf8f7d2e45fab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 668114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 567
last-modified: Wed, 26 Jan 2022 03:03:43 GMT
server: cloudflare
etag: "61f0ba0f-237"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Lm8phU6dlk07FuKoZHr%2B6osTIjoXVvdIgzgIcjER5IlhkDphcbmdDDnH2AXXLe1jVzsfmV1KEGqAluJ2NwDT4JXICz2AgHr1JizkMzVhpdmRSajAR1eU6%2BnZZBvX3104899xvLIxgCjKhuI%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 75320e0faf93927a-FRA
expires: Sun, 23 Oct 2022 09:43:53 GMT

GET
H3 200 y.png
rosefile.net/images/ 488 B
986 B 24ms
20ms Image
image/png 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rosefile.net/images/y.png

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f3ac79f08014f7842fda907f6eb861a536dddd5924423c29be28985976caa775

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 668114
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 488
last-modified: Wed, 26 Jan 2022 03:03:44 GMT
server: cloudflare
etag: "61f0ba10-1e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S1QR1PCteLPM10hgyPG2mMQpI503bW6r0zFLLAHbi3Z3753ThBC9Fd89ODZpjvVj%2FaQ2sixG66Eg6irhOXqX8dFjDLtvqPFi%2FtXKCOMBfSri%2B64LS7hTy4hH89gfC9cf6ekMS3DeG8K8YJs%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 75320e0faf96927a-FRA
expires: Sun, 23 Oct 2022 09:43:53 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 209 KB
74 KB 212ms
85ms Script
application/javascript 2a00:1450:400d:806::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-KDVC5RG4QJ

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15dd2c9a93c782e78e4567fd7fa075237f76393fb0d648233125630a618ab756

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 01 Oct 2022 03:19:07 GMT

GET
H3 200 popper.min.js Show response
rosefile.net/includes/js/popper-core-1.16.0/umd/ 21 KB
8 KB 17ms
17ms Script
application/javascript 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/includes/js/popper-core-1.16.0/umd/popper.min.js

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Origin: https://rosefile.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11858
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 13 Nov 2021 02:29:35 GMT
server: cloudflare
etag: W/"618f230f-5309"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RzU%2Fd1x3DG1nMyfsDQ8AUmOOU%2FbtkauYmc8nVmcsa12PCdqtbvgk0FvzCJfO8RHfFDDp9FVzGG8cdAs7kM%2BaG4p5iS4YP14tH1szmo3UnmzLgVy7daPRdCSFD5VwR9PR4xlGffsES2LOY5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 75320e0f8f79927a-FRA
expires: Sat, 01 Oct 2022 12:01:29 GMT

GET
H3 200 bootstrap.min.js Show response
rosefile.net/includes/js/bootstrap-4.6.1-dist/js/ 61 KB
16 KB 16ms
16ms Script
application/javascript 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/includes/js/bootstrap-4.6.1-dist/js/bootstrap.min.js

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Origin: https://rosefile.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 11857
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Sat, 13 Nov 2021 01:54:19 GMT
server: cloudflare
etag: W/"618f1acb-f3e8"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qnrl8EGN464aE8fyI%2FkCvtw2NxjK2vzZjlKDcxw7invjg6GLQjcj5Zb2p0fT2bmwr4rVQNLK6NZSTwg9wXG1I%2Bzhh47hWFq2kkOXYQK87kXLYmre3kVfRmnOW%2Ba1Qu2rFoT9Wo9BKx%2BgQxY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=43200
cf-ray: 75320e0faf91927a-FRA
expires: Sat, 01 Oct 2022 12:01:30 GMT

POST
H3 200 ajax.php Show response
rosefile.net/ 0
520 B 119ms
119ms XHR
text/html 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://rosefile.net/ajax.php

Requested by

Host: rosefile.net
URL: https://rosefile.net/includes/js/jquery.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/plain, */*; q=0.01
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nC37y7gZuKrXs5AtJBPApjkvbKwPYvgup8VTlCUuYNK%2BQdVu%2FJsalPIralJpfurKJ6oHLaTEWSUHiqK8CB10WOk%2BWjVYGtEjLj9BKIsgvykYiyQqItLjdYW0Zz6kSzhlr%2BTDNFWeReAySJk%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 75320e0fcfb7927a-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/ 349 KB
114 KB 150ms
70ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7449074098466311&plah=rosefile.net&bust=31070061

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dff993d26a575da1f79dda091f9de5cd4af1675758ead010d3297b67766bc384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117163
x-xss-protection: 0
server: cafe
etag: 1022264617968030936
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 01 Oct 2022 03:19:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/ Frame 2925 10 KB
5 KB 180ms
49ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 17913
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 22:20:34 GMT
etag: 9671129459699598864
expires: Fri, 14 Oct 2022 22:20:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
344 B 125ms
39ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KDVC5RG4QJ&gtm=2oe9s0&_p=1902942959&cid=115296085.1664594348&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664594347&sct=1&seg=0&dl=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&dr=https%3A%2F%2Ft.co%2F&dt=PDL**.7z%20-%20RoseFile&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDVC5RG4QJ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:07 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rosefile.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 216 B
643 B 291ms
47ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=rosefile.net&callback=_gfp_s_&client=ca-pub-7449074098466311

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7449074098466311&plah=rosefile.net&bust=31070061

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f70f129475ca0b6a4851d34da9794197629135e820929095648e2338780bd7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 157ms
48ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=rosefile.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 156ms
51ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rosefile.net

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3123 22 KB
10 KB 421ms
199ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e2c9ed632f94d631c6ebb41d6737af9948ef7660a5437bbe8ed4aa2ce764b5c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9805
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:08 GMT
expires: Sat, 01 Oct 2022 03:19:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B93 22 KB
10 KB 409ms
193ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=3099582606&adf=3803042755&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347730&bpp=1&bdt=317&idt=272&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U3BwgrZTzM&p=https%3A//rosefile.net&dtd=276

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

917fe3545983915d4f0076d6a9830782f7afe19ba6dc6c954e62dbca38a7e7c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9815
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:08 GMT
expires: Sat, 01 Oct 2022 03:19:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B668 40 KB
14 KB 418ms
210ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&adk=1812271804&adf=3025194257&lmt=1664594348&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&ea=0&pra=7&wgl=1&easpi=0&asntp=0&asntpv=0&asntpl=0&asntpm=0&asntpc=0&asna=5&asnd=5&asnp=5&asns=5&asmat=1&asptt=-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347743&bpp=2&bdt=330&idt=266&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90%2C1110x90&nras=1&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=271

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e387dbf7b036a02f2d17574c1b5f80af4372fc7a9d26a7f60fcffd2d63c7f01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 13851
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:08 GMT
expires: Sat, 01 Oct 2022 03:19:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 7B93 3 KB
1 KB 159ms
49ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=3099582606&adf=3803042755&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347730&bpp=1&bdt=317&idt=272&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U3BwgrZTzM&p=https%3A//rosefile.net&dtd=276

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 02:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 02:23:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 7B93 17 KB
8 KB 145ms
35ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 02:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 02:58:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7B93 140 KB
44 KB 184ms
72ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Oct 2022 03:19:08 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7B93 0
0 95ms
95ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIKRFrLE3Y4r5D4W1gQfjv6ooyZ7SsVy9jpf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NDQ5MDc0MDk4NDY2MzExoAHVttLqA8gBCakCFoTab7hxsD6oAwGqBL4BT9A2sfng_momAByvG1gnkWBuBBjCjt_dg5H5dN1nBZn90rWUoqkRvi8D3TRPMzgLYAO8BaKLO0hSh51xgVp_WzBxr1HAykcMn_tTZIcIXIjWSsHj-Irt0qR7HXZYIUoO0PjDSi52yCclutlA825lMUdp0shcqhO6lFts54TYDyPuKH0bpup_lhEcJx5fQIZra2Vl3reEK11hMIetO3XnG06bfyP0F5GrGvSVJPvOvm7R8_X0aXYxDnlcKUsdVoAG3IqBvYCDxve2AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNzQ0OTA3NDA5ODQ2NjMxMRgA&sigh=CT_wAd09Slk&uach_m=[UACH]&cid=CAQSGwCsnQUxTny02hcJVPOii5aDTNrQ7HmqJmI6mhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=3099582606&adf=3803042755&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347730&bpp=1&bdt=317&idt=272&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U3BwgrZTzM&p=https%3A//rosefile.net&dtd=276
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 01 Oct 2022 03:19:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Oct 2022 03:19:08 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7B93 0
0 68ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RNYIWp2DYgICAAAAAz79PmDNmA8QrLE3Y7TRcBpKBO9AjMYIABIAAA&wp=YzexrAAD_IoK4FqFAAqf4-lvT2-SjfTe2u6ogQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 159298
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0077 209 KB
60 KB 182ms
139ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAD_IoK4FqFAAqf4-lvT2-SjfTe2u6ogQ&u=%7CgonU6PUF9UWBayP5FDcyljczMxavQc1eM3nlnQgFlxY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g9RtzwykkhATwVkapf3sZPJuxEWSKUi8imE__dT4qYDjIBLFSwMULw8P_Mi2fWvrRBfFZon9Kx8XlHNrda6XlurQg_2iaT7nzgZHkvx22h2FYcBjeHbPmlc5m8BBYpJAJaAaqsyWyXBJvgPSb1VqobDs9bdLvPka2K-ApvJtHdTaDpVR3JRa5yzAzfXJl5Xd0HxjvQlcCVjiX0o_g82lqbApw9e2AhwDB0E5B1hT0WSdfm9Fhf0O3wlj9XiQENtMe4vAJmpNEPjMAmion3ujzuG4QHmawF6xvd8sSJpdcMDXnB-XZlrXC0hZFm1USONXwuV-Zy_8Yq97AXk7eSWW6vNJFQFLaJ8aIUunsTsr3hnIDfNWGafxpB6WC3IKvJz-5W2_rEelVMOdAr4seRlJd7D3bbRUy3YpNMH6z-qCgPCSs8_Os6xR8YiNUbvPj4oKho6NfUSnYqpUclkbKaa4cnWoyZIAopXU2n1qpUoPticohW0BOg4oRT2ZZEwNeh-ajKmu-IWPgd-5zRhqXs90FyfaHo565_i-1I4ElfZIgTG_BeaqPKIwdW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLIoirLE3Y4r5D4W1gQfjv6ooyZ7SsVy9jpf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NDQ5MDc0MDk4NDY2MzExoAHVttLqA8gBCakCFoTab7hxsD6oAwGqBMEBT9A2sfng_momAByvG1gnkWBuBBjCjt_dg5H5dN1nBZn90rWUoqkRvi8D3TRPMzgLYAO8BaKLO0hSh51xgVp_WzBxr1HAykcMn_tTZIcIXIjWSsHj-Irt0qR7HXZYIUoO0PjDSi52yCclutlA825lMUdp0shcqhO6lFts54TYDyPuKH0bpup_lhEcJx5fQIZra2Vl3reEK10jMqY_vPp7CPEHa4AkKjdTE-CfkvHgpuxlO8hSm8kvImHZg88O6VPdioAG3IqBvYCDxve2AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26WMCn9dFrVhifK4KP1i1y36g0ag%26client%3Dca-pub-7449074098466311%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

081524aa657300873352a5f4a7fd81ef61ec63cab8ea5ca87cf2d0f51cd30d59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=xW0F1kbxLsSyLYoUn8brAwzH9j2mOVzkIgKxufz-zx-1XFjYYRmZqQ8Wcv9GLp9SbN5RNkT1gUHKLGFrNy9Iv-n8e_FNEALhuetqFifaShzc7IzaS2OiZo-8bnqglnpntdyLPuGrOkxqm28dBKLoP3VcrrgmDGnOcBKuXsmD7H3JmiGzVKnrJz7fiaLWmj-5E9wEr5QeAUniW9NNajK5x65czYpvz7ZPxn_Q1Gf_LfLa9qSBHpU2JpQbuLbJjLO-8beQYw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 118019237
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3123 0
0 94ms
91ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CQSagrLE3Y4DlD9b6-ga71pCID8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgS-AU_QYaStIAIfEm8D-g3n5XsTFiJ0h0tQSMzNoJ9qPUOugtJm75WlhKTf8dujhZqVOsrVsbgY1USGmcD4PS_5zrqnU4NMbHgMTmE_Sc1pLv8E_PWSuo5tTkYBo6A24HrB43ebJPQlmmw57kMYPNJ54VlfpDDwAceIlwBhLpTh_dl7eSJyEamDf8L6_HS557ORJ8XieAMPTBWlIDGrDUA_5r8sSxtHGbSslSWb3c7rY_WWpYb91h3LI9hcv0t5mcCABvjL7tXPrIbYiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc0NDkwNzQwOTg0NjYzMTEYAA&sigh=LAfGJtquZUs&uach_m=[UACH]&cid=CAQSGwCsnQUxYbort0ELFmTzzMVzyh49Gmzn4bDVKRgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 01 Oct 2022 03:19:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 01 Oct 2022 03:19:08 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 3123 0
0 54ms
19ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kLWUEsz6RNYIWp2DYgICAAAAAz79PmDNmA8QrLE3Y5NR9JxSIAQdv7I4ABIAAA&wp=YzexrAAD8oAK3r1WAAQrOxfyRsxPAp0GatCmVw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 227669
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame CAE1 154 KB
50 KB 120ms
92ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAD8oAK3r1WAAQrOxfyRsxPAp0GatCmVw&u=%7CgonU6PUF9UWLWnfaxz8NeL2IhTHsCADeYEAVh8plNg0%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI35X_pU8_0OeqpOBfOVOB3Pf9SBNM6eCrMqJEjLQw5nO1pVc3ungIVjwni_B2QtiuSUrcGyQsp4Xx6KNtieR8ByNJk0t77wMRMjzAFAyiwV2wjJWgTjrjDF2QyWzvMOa9kRKjXbyIL4siWRueuD3jEPJXpkJX8U9_1oPGgmqxWOkTqQYP8nosrIvKcvHkD2hJJJ23N4_4fJk7NB-5tZ80nUI66RESWeAZR-NuG_Z0nG6yaFZRDr0rQrvTKB3MOKfl85_UEn_ASPDDAZZQs5Zz7myLsyVfR-egYnZZ1ww-p_SeN8vz_Ia2QpIL6KZTYkr0bh7Ap0_LeF2Yh_yVVPDH7KO5AKDdhrmexYXrAixaDliAGiS9FAdzB3b5C3feullSwXZmcOhM37wn6B-uQ0cQdIMy_Bq3nQDtU-ysSPJxdzNhWcAeVL2S8rmBN3UvWPLdjrUs8bhfcgg83RBurFrwPHlMJ9gTnRK31_qhDQ8hyOERnN9WOQuRIHs5M1Bkml9hyvlg4SNSkqtMY1_ctMu0jOk-7HUVcUZ5lruYRi219YIv8Hsn8XtS5Os&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ-_VrLE3Y4DlD9b6-ga71pCID8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgTBAU_QYaStIAIfEm8D-g3n5XsTFiJ0h0tQSMzNoJ9qPUOugtJm75WlhKTf8dujhZqVOsrVsbgY1USGmcD4PS_5zrqnU4NMbHgMTmE_Sc1pLv8E_PWSuo5tTkYBo6A24HrB43ebJPQlmmw57kMYPNJ54VlfpDDwAceIlwBhLpTh_dl7eSJyEamDf8L6_HS557ORJ8XieAMPTBWlYjOKn8eweqyT1w_kyYkKbSyP13jhTe0UEU7AcO90PfREOuH9in_eJVyABvjL7tXPrIbYiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2T8rOB4tCIWD2CjiCcYKq5JE7Jqg%26client%3Dca-pub-7449074098466311%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5a211c742f0d2a63fa31aeeaac328b759738f2878ed4af950450bb0876659bdc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:08 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=z4ax8EbxLsSyLYoUkmczVr_Q9jAXYhFLC8bbM6A4EJEMhn8oN9nRQ1436zbysmYHTAkpJKyt2SKOhibu-cateMJ_KgBpssanOpRQCexpPxuGcAelxaSAxViAR8CQJ_-kahEUlxz6KshYrAKHZjGDxgs3G-1Xe9ReQouP5XdYu31QIz9MO1r4NSbFrntB-Neg6UwgsnRyNaVX40aE_0ZDbpb3Prst-zqygrWLdDlISpFZOO7j58Ug2q_jIlrcoHvBtfK3Bw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 70626539
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 3123 3 KB
1 KB 118ms
49ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 02:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 02:23:51 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 3123 17 KB
7 KB 117ms
48ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 02:58:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1225
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 02:58:43 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3123 140 KB
44 KB 194ms
123ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=1884398534&adf=2212218622&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594347&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347724&bpp=5&bdt=311&idt=250&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&correlator=6986479019647&frm=20&pv=2&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=63&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=1mmimTasCd&p=https%3A//rosefile.net&dtd=271

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Oct 2022 03:19:08 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/ 151 KB
54 KB 62ms
62ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202209280101/reactive_library_fy2021.js?bust=31070061

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6c82dc9b833355e3c5f971042bf6e401bdb69162b5fbc2a2c97e3dd768c0841d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55038
x-xss-protection: 0
server: cafe
etag: 5781304717318858065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 01 Oct 2022 03:19:08 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 175ms
75ms Script
application/javascript 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=rosefile.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 139ms
50ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=rosefile.net

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49FE 31 KB
12 KB 231ms
230ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1664520975957&w=1200&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=1&to=qs&pwprc=1398849173&psa=0&format=1200x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594348489&bpp=1&bdt=1075&idt=1&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6279cd99ffc39c61-225c8e4f33ce0028%3AT%3D1664594348%3ART%3D1664594348%3AS%3DALNI_MY8-p9ne6GLggTD12u6rLf5nNhANA&prev_fmts=1110x90%2C1110x90%2C0x0&nras=2&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=A6Mk9TZkvh&p=https%3A//rosefile.net&dtd=16

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

906658e0a876edc7328af2e28c887cd645cb79c4f92c9bd9de6e982fedc509f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 12693
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:08 GMT
expires: Sat, 01 Oct 2022 03:19:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/ Frame 45E7 10 KB
4 KB 50ms
49ms Document
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 12090
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4420
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 23:57:38 GMT
etag: 9671129459699598864
expires: Fri, 14 Oct 2022 23:57:38 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7B93 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7f0a5567631bce14fcb6ee097dc2b68ee785054ab6e086ddedfac88539d4a6a6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame CAE1 2 KB
1 KB 61ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAD8oAK3r1WAAQrOxfyRsxPAp0GatCmVw&u=%7CgonU6PUF9UWLWnfaxz8NeL2IhTHsCADeYEAVh8plNg0%3D%7C&c1=VEd5MTeK-DVtvwpxQwkatQ5fNcsqqVzrGxHd21mMpxNh6ptbvoFGr5-taiijmDVNfEog-pHxa6wvg-tUOFnI35X_pU8_0OeqpOBfOVOB3Pf9SBNM6eCrMqJEjLQw5nO1pVc3ungIVjwni_B2QtiuSUrcGyQsp4Xx6KNtieR8ByNJk0t77wMRMjzAFAyiwV2wjJWgTjrjDF2QyWzvMOa9kRKjXbyIL4siWRueuD3jEPJXpkJX8U9_1oPGgmqxWOkTqQYP8nosrIvKcvHkD2hJJJ23N4_4fJk7NB-5tZ80nUI66RESWeAZR-NuG_Z0nG6yaFZRDr0rQrvTKB3MOKfl85_UEn_ASPDDAZZQs5Zz7myLsyVfR-egYnZZ1ww-p_SeN8vz_Ia2QpIL6KZTYkr0bh7Ap0_LeF2Yh_yVVPDH7KO5AKDdhrmexYXrAixaDliAGiS9FAdzB3b5C3feullSwXZmcOhM37wn6B-uQ0cQdIMy_Bq3nQDtU-ysSPJxdzNhWcAeVL2S8rmBN3UvWPLdjrUs8bhfcgg83RBurFrwPHlMJ9gTnRK31_qhDQ8hyOERnN9WOQuRIHs5M1Bkml9hyvlg4SNSkqtMY1_ctMu0jOk-7HUVcUZ5lruYRi219YIv8Hsn8XtS5Os&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCZ-_VrLE3Y4DlD9b6-ga71pCID8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgTBAU_QYaStIAIfEm8D-g3n5XsTFiJ0h0tQSMzNoJ9qPUOugtJm75WlhKTf8dujhZqVOsrVsbgY1USGmcD4PS_5zrqnU4NMbHgMTmE_Sc1pLv8E_PWSuo5tTkYBo6A24HrB43ebJPQlmmw57kMYPNJ54VlfpDDwAceIlwBhLpTh_dl7eSJyEamDf8L6_HS557ORJ8XieAMPTBWlYjOKn8eweqyT1w_kyYkKbSyP13jhTe0UEU7AcO90PfREOuH9in_eJVyABvjL7tXPrIbYiwGgBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2T8rOB4tCIWD2CjiCcYKq5JE7Jqg%26client%3Dca-pub-7449074098466311%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame CAE1 2 KB
1 KB 60ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame CAE1 308 B
637 B 53ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame CAE1 293 B
621 B 55ms
17ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame CAE1 43 B
348 B 77ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=GCtjZJMpIgmUGI7hegbc59rbKhi45aB6R7Mg8jwouVx1P9GheRmSBjDo3wHnZxCsaIPXYiVu3yzPHdeggZCoUIf0XjPlR7lDUl4GW__Nj1ioy5o5EH2reUjg3z-EjHnnG7vvpDTayBevNMlXwycs4r9TnNy_PnNtm7XSs-hhi4HIjbuKHHOtim1uMg988PJuFQ8MhOzGzN7D25wYWoGWRXpFVMsIEE8tLY6p0IMRGSpdJS79gyjEJIva5vEPRoXrnq3FUMbEzn3rSPsF1XyEZz_8L-Xwq7XW19QvJ7aodxT58BW6XR7Ngp6cHfdMsSibr6a-gHTyxZInMiVjLsqha8YqwYc9H3BMuR_6anU79zZc0UtqJ_5yPO6Rg2I9GkYv0DJ28AQQBEA63x3Nw4XyB1I3zENMARisvIb5vJ4_kadMBR1z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3864372
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 3123 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 76991bd0ff8917e579e44995d140689284fcf0513498b384c9ef8e8202db3bed

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 45E7 0
0 95ms
95ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CAiB7rLE3Y8iDEIXg7gP3rY-gAsme0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgS_AU_QOTQcGKg1VDdEKW0nJMlvCFqcYjUizL7XePU6AqbnsFaCPHK4odjK1lu77ndcgUf6GF0WrHTLAKa6rfFtPgeDst5MoyCbFW9oi8XeoyCBcD2VeJO-dFhTQVY26NAs3sfc8243U_Q_CDAkmXH4I0qlvSuTnuZVSdjLfrSl1iAgCmTwG7rDykkLvbNjgBNegpR6b-N-nYD-LIzLgmwO_RPyFu7XW49WLlov7M5PHiPjbFv0T-RkkGfMhV-GN76DgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NDQ5MDc0MDk4NDY2MzExGAA&sigh=J1SWlppzuXc&uach_m=[UACH]&cid=CAQSGwCsnQUx9XlAV3VfgfHiueIf4oQVwLUlbox9exgBIBM

Requested by

Host: t.co
URL: https://t.co/eyrF5BKa8r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 01 Oct 2022 03:19:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 45E7 0
0 93ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kJCTFMz6RO0HfJ2DYgICAAAAWOZQFyuXOpoQq7E3Y4Feptiroydi4wJOABIAAA&wp=YzexrAAEAcgKe7AFAAPW97QCzgeZ16Dsd1jeEQ

Requested by

Host: t.co
URL: https://t.co/eyrF5BKa8r

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 219017
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 61BC 200 KB
58 KB 123ms
123ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAEAcgKe7AFAAPW97QCzgeZ16Dsd1jeEQ&u=%7CgonU6PUF9UXvgvIOdh%2FSfp1G4Eik0J97s4yCHl9mYBE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXRYIB48iHA-NoQ3zlbXygcXPig9aPHB3P4a5X50E3kr3AnrRSBhy9tK2bXCumaaZzN2sbeFRcSEUhdWfiEK5pvEP0OKazF1RFhGTk032_hNZXaWcMSDJLjIMd_OqOFf48ZWUePDtsVaBU0BQ-pEn6H6pcKH8a884YMtogxG2yM57pzq24G1UJZFYTeq8pedsCBGarSCy8dG6Vef-rWEWPi4CKYi4SpMHesp1ucjtG5tbpaBS3dXrYCaLP8Qif73JH_FqpHwEbf2Bieh6YCBdPjsOjoaWt8lHbfeJVRiD1wmaUdC3J4vBt0FvHv3wHKYfVE8HHiHdO9F8l3nHbYzkVFC7F4BTDrPpisFWYwQdZbjoKFFjJGJNKjr8qbF1NFJuBWgMqW-di04K7hivoB5ypK7U6m941b22jAln-TQIt55i0uyoUNlxp3vxs8POayndfdkrxyY4Zvr2Jk0RMwQNnnLJQoVj0XGsFjEZY4FeTOiOhRRwOSQOU-uwQEXfALGr76O0I0pRbMXfb9OfYWmtwJ-gg43qY14gte2GLpZqk-kKw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFX3grLE3Y8iDEIXg7gP3rY-gAsme0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgTCAU_QOTQcGKg1VDdEKW0nJMlvCFqcYjUizL7XePU6AqbnsFaCPHK4odjK1lu77ndcgUf6GF0WrHTLAKa6rfFtPgeDst5MoyCbFW9oi8XeoyCBcD2VeJO-dFhTQVY26NAs3sfc8243U_Q_CDAkmXH4I0qlvSuTnuZVSdjLfrSl1iAgCmTwG7rDykkLvbNjgBNegpR6b-N-nYD-LM7Jo_6Jco_hqXLD-F9riKIm-MT5FA377u88ckKWL3ngndoss608S12IgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_22RubeTXQ10P78njGA3jO_MHBO6g%26client%3Dca-pub-7449074098466311%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3bcbc292cf3fcec706615a72fb911c23c93f59c06725d003b36f898395a64689

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:07 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=tPAJeEbxLsSyLYoU3QdzFYlTxCVZ6v8RGdPriV8zUYzQjjBYsjRs8KEd57axFh0V6nx81yK_ULzaDFET83hcM3AxcL4CtVkVRr-MeqeNhOw_2saUyvEVTmj2z5tUxMDBH9P3GoGCEc__kFmoi_25gOZ5QXAUOLdxx20puEgJ6ZwOFnDYlXLkeZymIEJQt9uUDBkQ3iBUCO5fLZu5V7hiyrm2xcdthvRR2_v3zEbjfOkffGlnbNR85vET1OoTFCPw2dFi1w"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 97389697
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 45E7 3 KB
1 KB 136ms
52ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 02:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 02:23:51 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 45E7 17 KB
7 KB 135ms
51ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 02:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 02:33:30 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 45E7 140 KB
44 KB 136ms
58ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220928/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Oct 2022 03:19:08 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame CAE1 12 KB
5 KB 67ms
29ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5639252
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BL%2FaqAtEWl%2BRxm%2Bkl8qEFvxayAu3ogVByjmqprangRdCNfWUL29FY2tTVSXCztniDh662vNFGoLULVadrbBtmmvIeJ7%2FYqeihgEvt7RFY97%2BEiGrmXaZJxpMAUZVvY2gFbQDul%2BaQFNn8J0G1IEQb1Mc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75320e1748b45b7a-FRA
expires: Thu, 21 Sep 2023 03:19:08 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame CAE1 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CAE1 7 KB
7 KB 71ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=25080&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F25080%2F220505%2Fb0df4b81f52f48c386b6472c88230d0b_vev_luxury_second_hand.png&v=3&w=196&s=ZrvF-w5UjhMzNscNjPFNrq8s

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f584c5c806d7e630ee79af8ea75f77042b9b6cc3799973e92b166c45ed471ed1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28942608
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7216
expires: Fri, 01 Sep 2023 02:55:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CAE1 4 KB
5 KB 85ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1007504%2F49%2F1007504-49-image-1-61e88a9d1583a.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=rFMiDmZ3sWCLKxZxkR901YjE&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7b2c802757887409d2db84ca507fd59fe5e966bc29f66e5a3983e7ea3411d3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=13095
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4576
expires: Sat, 01 Oct 2022 06:57:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CAE1 12 KB
12 KB 94ms
38ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1162072%2F1269%2F1162072-1269-image-1-62a18341543c4.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=cinN7khUoTX1kq5AZ0p4Qvt5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

24435cb4e37717aabeb536f2ed212636c86fbbf9dd42d0c7499c1ebd49e3d558

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=37831
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12290
expires: Sat, 01 Oct 2022 13:49:40 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CAE1 14 KB
14 KB 81ms
26ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1217320%2F37%2F1217320-37-image-1-62f3e5a087258.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=EKkTqEqsvoC9gWE9BmRfIeS8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

93641a07712a62c4625af81e529031764de1265c55363cee883c1c54766ff074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14054
expires: Sat, 01 Oct 2022 03:19:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CAE1 6 KB
6 KB 92ms
37ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1182200%2F1269%2F1182200-1269-image-1-62bd835702556.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=A9BvmUO172bJtK8JLrRUHZ5o&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7a24840554638afa529e5667183fc98ff482eba2a3f229c0fda2b5f877c2455f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=14398
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6084
expires: Sat, 01 Oct 2022 07:19:06 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CAE1 4 KB
4 KB 84ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F455949%2F37%2F455949-37-image-1-5fce53bfc1505.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=vJLrTxzOeL5C6A4C8yJPqghJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

23c0640cbd37c908bf315911a380f7987c247bdfb15f48c402d2549f19e9304d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=62446
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4064
expires: Sat, 01 Oct 2022 20:39:55 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CAE1 7 KB
7 KB 30ms
30ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F454707%2F28%2F454707-28-image-1-5fce003a8e9b3.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=Ds3MMSDt19-VwAPSGgLlcwF1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d1fd346908d8a8f026e8974fb61c587e62eaf2a35675f8ed015c9e1eca0fa463

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=37477
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7300
expires: Sat, 01 Oct 2022 13:43:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame CAE1 5 KB
6 KB 31ms
31ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=25080&q=80&r=0&u=https%3A%2F%2Fviteenvogue-b2c-production.imgix.net%2Fproduct%2F1240746%2F49%2F1240746-49-image-1-6317c4621e04c.jpg%3Fauto%3Dformat%26q%3D80&v=3&w=400&s=QBc_GvPrAIEDk7bpD7T9A9cn&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ca0ff842bfac90284d76effcdf3399b1c57d34141498c71f62a7270f6ea823b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=26105
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5578
expires: Sat, 01 Oct 2022 10:34:14 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CAE1 0
128 B 75ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=z4ax8EbxLsSyLYoUkmczVr_Q9jAXYhFLC8bbM6A4EJEMhn8oN9nRQ1436zbysmYHTAkpJKyt2SKOhibu-cateMJ_KgBpssanOpRQCexpPxuGcAelxaSAxViAR8CQJ_-kahEUlxz6KshYrAKHZjGDxgs3G-1Xe9ReQouP5XdYu31QIz9MO1r4NSbFrntB-Neg6UwgsnRyNaVX40aE_0ZDbpb3Prst-zqygrWLdDlISpFZOO7j58Ug2q_jIlrcoHvBtfK3Bw&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame CAE1 2 KB
1 KB 30ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame CAE1 2 KB
1 KB 28ms
25ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0077 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAD_IoK4FqFAAqf4-lvT2-SjfTe2u6ogQ&u=%7CgonU6PUF9UWBayP5FDcyljczMxavQc1eM3nlnQgFlxY%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNy44cDHK1QYNdJ71gdyCWvylMYxXMLCj4fODidRdwMR55tQ-B9hy0g9RtzwykkhATwVkapf3sZPJuxEWSKUi8imE__dT4qYDjIBLFSwMULw8P_Mi2fWvrRBfFZon9Kx8XlHNrda6XlurQg_2iaT7nzgZHkvx22h2FYcBjeHbPmlc5m8BBYpJAJaAaqsyWyXBJvgPSb1VqobDs9bdLvPka2K-ApvJtHdTaDpVR3JRa5yzAzfXJl5Xd0HxjvQlcCVjiX0o_g82lqbApw9e2AhwDB0E5B1hT0WSdfm9Fhf0O3wlj9XiQENtMe4vAJmpNEPjMAmion3ujzuG4QHmawF6xvd8sSJpdcMDXnB-XZlrXC0hZFm1USONXwuV-Zy_8Yq97AXk7eSWW6vNJFQFLaJ8aIUunsTsr3hnIDfNWGafxpB6WC3IKvJz-5W2_rEelVMOdAr4seRlJd7D3bbRUy3YpNMH6z-qCgPCSs8_Os6xR8YiNUbvPj4oKho6NfUSnYqpUclkbKaa4cnWoyZIAopXU2n1qpUoPticohW0BOg4oRT2ZZEwNeh-ajKmu-IWPgd-5zRhqXs90FyfaHo565_i-1I4ElfZIgTG_BeaqPKIwdW0&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCLIoirLE3Y4r5D4W1gQfjv6ooyZ7SsVy9jpf3cMCNtwEQASAAYJXikIKgB4IBF2NhLXB1Yi03NDQ5MDc0MDk4NDY2MzExoAHVttLqA8gBCakCFoTab7hxsD6oAwGqBMEBT9A2sfng_momAByvG1gnkWBuBBjCjt_dg5H5dN1nBZn90rWUoqkRvi8D3TRPMzgLYAO8BaKLO0hSh51xgVp_WzBxr1HAykcMn_tTZIcIXIjWSsHj-Irt0qR7HXZYIUoO0PjDSi52yCclutlA825lMUdp0shcqhO6lFts54TYDyPuKH0bpup_lhEcJx5fQIZra2Vl3reEK10jMqY_vPp7CPEHa4AkKjdTE-CfkvHgpuxlO8hSm8kvImHZg88O6VPdioAG3IqBvYCDxve2AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_26WMCn9dFrVhifK4KP1i1y36g0ag%26client%3Dca-pub-7449074098466311%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0077 2 KB
1 KB 22ms
21ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0077 308 B
636 B 24ms
24ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0077 293 B
621 B 23ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 0077 43 B
347 B 26ms
25ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=fKcSKXsnO68UYrYiDu2RaQt1qczBj8d2BVo01W5VP4DkXxe4-_imzKiIaUXQyL0AsPMW0V6UDn-yH9TxKX-5yN6wUZiH4stXkzjG6P5nQPH8YjUBQQPt1dlT36FKE85-d2xIkyKSI_upHr0uKU9s7kKDXDfhDmTcg-pWVB-WjoSNYqwUCu6SFvTwTafT_h2PwZcPxyYmPb4rKOBLdLf3iIay2kH8pEtIe1PdCiAZnDA0fcUkhb98-Ipuu3L51mUHDBLsAblyR5Wj3H96N6nLMseHu63-Els0H88yxJgWcQUVvMTUZt56LrEqJTj4upQQCFgGN1IM-1oRh6LMN-jfVQvOa-yUiQsWaRaLUTOrpRLyNAPb-yGJgpm2OLEfKbgoj9OSbrwD8mxSViBpvcVrYQFaWVkT6hN_DXwZ_pegaAMCh-Am

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:07 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3179280
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 61BC 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAEAcgKe7AFAAPW97QCzgeZ16Dsd1jeEQ&u=%7CgonU6PUF9UXvgvIOdh%2FSfp1G4Eik0J97s4yCHl9mYBE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXRYIB48iHA-NoQ3zlbXygcXPig9aPHB3P4a5X50E3kr3AnrRSBhy9tK2bXCumaaZzN2sbeFRcSEUhdWfiEK5pvEP0OKazF1RFhGTk032_hNZXaWcMSDJLjIMd_OqOFf48ZWUePDtsVaBU0BQ-pEn6H6pcKH8a884YMtogxG2yM57pzq24G1UJZFYTeq8pedsCBGarSCy8dG6Vef-rWEWPi4CKYi4SpMHesp1ucjtG5tbpaBS3dXrYCaLP8Qif73JH_FqpHwEbf2Bieh6YCBdPjsOjoaWt8lHbfeJVRiD1wmaUdC3J4vBt0FvHv3wHKYfVE8HHiHdO9F8l3nHbYzkVFC7F4BTDrPpisFWYwQdZbjoKFFjJGJNKjr8qbF1NFJuBWgMqW-di04K7hivoB5ypK7U6m941b22jAln-TQIt55i0uyoUNlxp3vxs8POayndfdkrxyY4Zvr2Jk0RMwQNnnLJQoVj0XGsFjEZY4FeTOiOhRRwOSQOU-uwQEXfALGr76O0I0pRbMXfb9OfYWmtwJ-gg43qY14gte2GLpZqk-kKw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFX3grLE3Y8iDEIXg7gP3rY-gAsme0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgTCAU_QOTQcGKg1VDdEKW0nJMlvCFqcYjUizL7XePU6AqbnsFaCPHK4odjK1lu77ndcgUf6GF0WrHTLAKa6rfFtPgeDst5MoyCbFW9oi8XeoyCBcD2VeJO-dFhTQVY26NAs3sfc8243U_Q_CDAkmXH4I0qlvSuTnuZVSdjLfrSl1iAgCmTwG7rDykkLvbNjgBNegpR6b-N-nYD-LM7Jo_6Jco_hqXLD-F9riKIm-MT5FA377u88ckKWL3ngndoss608S12IgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_22RubeTXQ10P78njGA3jO_MHBO6g%26client%3Dca-pub-7449074098466311%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 61BC 2 KB
1 KB 24ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 61BC 308 B
636 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 61BC 293 B
621 B 17ms
16ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 61BC 43 B
347 B 18ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=iulvQaRIYb2R1_pVszN_nNZuML3lveFdnoDH6G_R9_sIoA9kmdiHHUtWMOiplIuyBbbyG04BvvEDN0XMlUIet6xXqOneU0Y15bUN3bdt6ciN0fy-8skUxkaq5voypQ-ourqZkVo_hvdwbJvzhhCPdA2kSrrv5TBMV9TVwzuL4nDRnPUDNSDBlCVA8j3f963SQ80CR3eQV2soQ-2hafmiQaVhUW-SLPQG86OVkqMHzvmtfFMObOXvjpF8Zge6IVTDTS6U53C0obgVo-qH3m9WM-AWfRHZ7GTNq64IZoxIq5DPcxKPDTDm6PaFfUYd6S8GgNynmxUXAYG2q5e09ycGBRxnU1BQC8L_2CDRPZzciGcXWbrhMJuZ9HRKjUwD3KKLCRxFb0PiQNrmDGjMZm_z1yf6RoFw-sr05b2YDxBF-Hg9qz-v

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3086591
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 61BC 44 B
753 B 223ms
112ms Image
image/gif 2600:9000:214f:6e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1664594348
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YzexrAAEAcgKe7AFAAPW97QCzgeZ16Dsd1jeEQ&u=%7CgonU6PUF9UXvgvIOdh%2FSfp1G4Eik0J97s4yCHl9mYBE%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANRoSRGLELBQED9WGHkdfKXRYIB48iHA-NoQ3zlbXygcXPig9aPHB3P4a5X50E3kr3AnrRSBhy9tK2bXCumaaZzN2sbeFRcSEUhdWfiEK5pvEP0OKazF1RFhGTk032_hNZXaWcMSDJLjIMd_OqOFf48ZWUePDtsVaBU0BQ-pEn6H6pcKH8a884YMtogxG2yM57pzq24G1UJZFYTeq8pedsCBGarSCy8dG6Vef-rWEWPi4CKYi4SpMHesp1ucjtG5tbpaBS3dXrYCaLP8Qif73JH_FqpHwEbf2Bieh6YCBdPjsOjoaWt8lHbfeJVRiD1wmaUdC3J4vBt0FvHv3wHKYfVE8HHiHdO9F8l3nHbYzkVFC7F4BTDrPpisFWYwQdZbjoKFFjJGJNKjr8qbF1NFJuBWgMqW-di04K7hivoB5ypK7U6m941b22jAln-TQIt55i0uyoUNlxp3vxs8POayndfdkrxyY4Zvr2Jk0RMwQNnnLJQoVj0XGsFjEZY4FeTOiOhRRwOSQOU-uwQEXfALGr76O0I0pRbMXfb9OfYWmtwJ-gg43qY14gte2GLpZqk-kKw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCFX3grLE3Y8iDEIXg7gP3rY-gAsme0rFclcmU93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItNzQ0OTA3NDA5ODQ2NjMxMaAB1bbS6gPIAQmpAhaE2m-4cbA-qAMBqgTCAU_QOTQcGKg1VDdEKW0nJMlvCFqcYjUizL7XePU6AqbnsFaCPHK4odjK1lu77ndcgUf6GF0WrHTLAKa6rfFtPgeDst5MoyCbFW9oi8XeoyCBcD2VeJO-dFhTQVY26NAs3sfc8243U_Q_CDAkmXH4I0qlvSuTnuZVSdjLfrSl1iAgCmTwG7rDykkLvbNjgBNegpR6b-N-nYD-LM7Jo_6Jco_hqXLD-F9riKIm-MT5FA377u88ckKWL3ngndoss608S12IgAbHzc-Y357tqfkBoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_22RubeTXQ10P78njGA3jO_MHBO6g%26client%3Dca-pub-7449074098466311%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:214f:6e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-cache: Miss from cloudfront
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
cross-origin-resource-policy: cross-origin
content-length: 44
pragma: no-cache
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
x-amz-cf-id: qcy9JU0x1wM-LROQZdBygQPaaeu-kOxy3y4eRFxcx8exj3Rl-dkjYg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5B8D 0
0 111ms
109ms Fetch
text/html 2a00:1450:400d:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cm-QErLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExAFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhCErRuIaTPxtMzkiUTE_vIzDwbf2w8Uk7X3Dls2v3UxOfz9MsXgxgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBAgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc0NDkwNzQwOTg0NjYzMTEYAA&sigh=D2MTWQ5wAiE&uach_m=[UACH]&cid=CAQSOwCsnQUx0Jc4oS4yJ8632Szj3Ba9N3hqgfDmcYd7sxC7SODD1EDj-U3tvECTYmICCzeYtrpj1LQ_inFtGAEgEw

Requested by

Host: t.co
URL: https://t.co/eyrF5BKa8r

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1664520975957&w=1200&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=1&to=qs&pwprc=1398849173&psa=0&format=1200x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594348489&bpp=1&bdt=1075&idt=1&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6279cd99ffc39c61-225c8e4f33ce0028%3AT%3D1664594348%3ART%3D1664594348%3AS%3DALNI_MY8-p9ne6GLggTD12u6rLf5nNhANA&prev_fmts=1110x90%2C1110x90%2C0x0&nras=2&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=A6Mk9TZkvh&p=https%3A//rosefile.net&dtd=16
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 01 Oct 2022 03:19:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 204 winResponse
prod-rtb.ad4mat.net/ Frame 5B8D 0
0 165ms
39ms Fetch
image/gif 2600:1901:0:76b9::
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prod-rtb.ad4mat.net/winResponse?a=1h53v3j4y1tzwq700ap8g4wncnxc7xrs0013fzn54e5ygsf0m2dbkxscj95x4xafn3g5gceb2z5006m2y6tmfdyk2kw4829a4ngpx3hdgfh18ra6cb1h4abw3zn112qvrwtrpbp535r7xv3x1tg8dzdbp4700cay41tzzmdgq1mazckj1y1s89a9vcrzgyvpehrntprdmx8cvhxsv3yf8r3d669hemr9q89xfenpergfwydbm0z5mw1a3k1vn6jmwpavwqevgez4gx0jjzdbvjdm0behrrkcsja9sdj7ec6ta4c7z2na3r3gayj59ag563tp3msqxmm7mzhgz7csbbyjdc92dqzq4j1mmfrbtqmtf53xw5yw0k4bsjky7nz0cmm647aam3zjzzsabdbr5c2abg&b=YzexrAAIXEUK3qKCAANpECK2idiPePxdfA5mTQ
Requested by: Host: t.co
URL: https://t.co/eyrF5BKa8r
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:1901:0:76b9:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 01 Oct 2022 03:19:09 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: image/gif

GET
H2 200 dr Show response
as.ad4m.at/ad/ Frame 78D1 2 KB
2 KB 79ms
30ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/dr?ed=1g5nra2xgmnnjapr2bbsk98w9syr11759kthabxcs6jqemc18r0evj5mrtp947sqsf8bea0yvyjmbtgkwrha3v5x1z4n735y9kabftveeyncc94tvd740atmvye99eb17qwns97ke21p2sr2nffannk2vn8at26htyb2pb1p5nac5evme8tsh08pzkkb48z1an4jwq7pkcy8ak1b3p3kfcd2jgcs8tcrv50jhqwrjyyaa5xezb38ehbkdctyw6twj40d8a32xs5skexgmzh22ha4ktaab8fw43ygzgk5mq729f45mhr1m190zte2h5e667rp232yjpse7ptdv1nvhp323ngx6zcynn6rmqf9dqvw2ew9kzxr501et2ypfdvq5hdtwwrkvrzfpfjc07d587w4dkzrhehz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%26client%3Dca-pub-7449074098466311%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1664520975957&w=1200&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=1&to=qs&pwprc=1398849173&psa=0&format=1200x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594348489&bpp=1&bdt=1075&idt=1&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6279cd99ffc39c61-225c8e4f33ce0028%3AT%3D1664594348%3ART%3D1664594348%3AS%3DALNI_MY8-p9ne6GLggTD12u6rLf5nNhANA&prev_fmts=1110x90%2C1110x90%2C0x0&nras=2&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=A6Mk9TZkvh&p=https%3A//rosefile.net&dtd=16

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44ce21037b31a658c960ae1f9ecc0abe3acb9ffdc20daa89acb81bb17fae68dc

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75320e19bd50903d-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:09 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5B8D 3 KB
1 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 02:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3317
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 02:23:51 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B4C6 1 KB
749 B 46ms
43ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26395
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 19:59:14 GMT
etag: 48472445140208031
expires: Sat, 01 Oct 2022 19:59:14 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/ Frame 5B8D 17 KB
7 KB 43ms
41ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220928/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 02:33:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2738
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7559
x-xss-protection: 0
server: cafe
etag: 15289875785628835784
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 15 Oct 2022 02:33:30 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 5B8D 0
0 201ms
74ms Image
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwX3TnyjbEI8AEON3ou8CnWTJcNincj_ppZNI2w7RsdZgbQqVpz5-kBD_gCCEaeEghgheNEoc5VXVjnSWRtl3tXJMCnQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1664520975957&w=1200&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=1&to=qs&pwprc=1398849173&psa=0&format=1200x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594348489&bpp=1&bdt=1075&idt=1&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6279cd99ffc39c61-225c8e4f33ce0028%3AT%3D1664594348%3ART%3D1664594348%3AS%3DALNI_MY8-p9ne6GLggTD12u6rLf5nNhANA&prev_fmts=1110x90%2C1110x90%2C0x0&nras=2&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=A6Mk9TZkvh&p=https%3A//rosefile.net&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5B8D 140 KB
44 KB 47ms
46ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44530
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664365478704152"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Oct 2022 03:19:08 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame CAE1 1 KB
902 B 152ms
47ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

fff15b94aca6e5009fa59ef79f4d1b49fdc7fa9e3e4c646debde8e6d6e24703b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 02:59:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Oct 2022 03:19:09 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 0077 12 KB
5 KB 114ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 5639253
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=m6BbuISXW3b7vKz0G1pTxtTI1Jwh%2FGEkD1zJPrPtVfD8G3KMOF4t5NoByTpscDXLMrQ5nfiPFm1wHIOFG5QawXmKNVVDFJ8tm8sMdAD1KhxP89SAwhMOi2JMzFH3bGiE7L7DYMCnUjF6bbl%2Bu4ZPPv%2B6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75320e196d199a24-FRA
expires: Thu, 21 Sep 2023 03:19:09 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0077 12 KB
6 KB 16ms
16ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:08 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 11 KB
12 KB 19ms
11ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F190121%2Ff5aeb75966fa423aa72c4303d62e50ae_logocon.png&v=3&w=498&s=Ei1_11WV6du48btETbS9xn_P

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bcf7965c964e567124ebbd41f202b1ab95929ea6e561996d1b28ec226746b80a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30496428
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11587
expires: Tue, 19 Sep 2023 02:32:57 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 26 KB
26 KB 25ms
13ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19205245-u4rt2stu.jpg&v=3&w=400&s=5GmU8gUqtkTe_aRKRNSlzsbm&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

02af080e15f7ae2ffeb18e9636a3da4343397594a61a9b859a953f15eb13cde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26832
expires: Sat, 01 Oct 2022 03:19:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 9 KB
10 KB 34ms
23ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19180157-hN6eHA8S.jpg&v=3&w=400&s=gJmuV2x3-kbtEpqz7B20qAYe&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

80ae6a05566c108569ee9e8399aa7621b7c0e6fac1ed5eadd26b8a72d80a44ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=477853
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 9484
expires: Thu, 06 Oct 2022 16:03:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 354 B
618 B 31ms
19ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&s=udlF2dvpi5ijHI7Drv9lLjiT

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29497054
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 354
expires: Thu, 07 Sep 2023 12:56:43 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 21 KB
21 KB 29ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1559544429%2F19164578-lhPNHF41.jpg&v=3&w=400&s=T1D6zTtnMl7u5h1ZRnZPvnk2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

640370d8cc619c5f6a02829b0bb193eb67a39f2837b359884cc18e4709e45b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=297522
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 21106
expires: Tue, 04 Oct 2022 13:57:51 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 26 KB
26 KB 34ms
23ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20266421-SFFeKXd4.jpg&v=3&w=400&s=pDUTbeGSX7guL1Uy7IrgBgd0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=297161
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 26196
expires: Tue, 04 Oct 2022 13:51:50 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 14 KB
15 KB 39ms
27ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F22149547-hEjDhpPQ.jpg&v=3&w=400&s=wUVLGA_IoYYIYR7AQgCFuJBd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

6127e12fb7db30215c5b8c5c9239e97f2de7e2a97368be42e2287f777a872166

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=459928
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 14600
expires: Thu, 06 Oct 2022 11:04:37 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 47 KB
47 KB 41ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F18165615-qpwT3XCF.jpg&v=3&w=400&s=YT2HhPimxfvxdHFQjfeIP5g0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2da1bbe120e5eb0e19ce8299926f0f0f728a68625a00fb6d07675687675f6998

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=297428
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47680
expires: Tue, 04 Oct 2022 13:56:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 6 KB
6 KB 40ms
29ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F20272478-MnPZc1XH.jpg&v=3&w=400&s=2hIMw_k4Lumm1zV2x60iq5Ep&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c83e17589ab16879ca50f1e59f6db979ccae09497b73a61eae7f9b44a74d7c51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=297585
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5774
expires: Tue, 04 Oct 2022 13:58:54 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 305 B
569 B 39ms
28ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_5.png&v=3&w=400&s=TEaRsCHzuSj0zAgZi9PepHsv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28024565
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 305
expires: Mon, 21 Aug 2023 11:55:15 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 8 KB
8 KB 47ms
36ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F19038596-fuPQ4ysT.jpg&v=3&w=400&s=I8c434IOm5Q0vBEcRs1IdjFf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

61618d3d872ac2cc07c14cbc8c9053b222dd84840e7b9a5c16e9110425f96161

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=528712
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8242
expires: Fri, 07 Oct 2022 06:11:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 17 KB
17 KB 49ms
38ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1544791206%2F14227101-FRYxJ6W3.jpg&v=3&w=400&s=Vw6TW8tqlotHn8vKAgph-5G-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a30019bca9afcf5c4a19d136d8c172ae899322b40124e1735a68f6899d71b2e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=303922
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 17468
expires: Tue, 04 Oct 2022 15:44:31 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 23 KB
24 KB 50ms
40ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1657105603%2F22148760-4XGmLPLP.jpg&v=3&w=400&s=akqDBhj-CQJx4mtUHzB0fP71&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

386a52be8839d3122099fcc53dba24e3dff4b904983e26b52d5dd774e0bb525a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=526471
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 24038
expires: Fri, 07 Oct 2022 05:33:41 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 5 KB
6 KB 47ms
37ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1660045789%2F22178355-kVJHZXma.jpg&v=3&w=400&s=zs-iVN6gCor9ixOtFSJBikeA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

2c8a032e0ae2ca97bbfec40674fbc98a20825a0245b3774a6cb2138e73c596d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=445629
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5438
expires: Thu, 06 Oct 2022 07:06:19 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 30 KB
30 KB 53ms
43ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F0%2F14064791-fM0DtqRD.jpg&v=3&w=400&s=gUUvw6t-w-Q2szSe6-SWNxMs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b68fd5f8ec09c463380df5d4bebc70b9a738d1e66de214d7c924ff7a158c562

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=297712
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30584
expires: Tue, 04 Oct 2022 14:01:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 8 KB
8 KB 48ms
39ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1566828799%2F14126746-HMY3qthl.jpg&v=3&w=400&s=jIxeW_saTSzSY3HMeR1TXAD3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

0f07477fd69ed6a831a43210db8a7ba753fe95ea9419b85e78d759057c5ff11c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=299181
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 7924
expires: Tue, 04 Oct 2022 14:25:30 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 13 KB
13 KB 54ms
45ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1604937231%2F20266387-UwvLsSXJ.jpg&v=3&w=400&s=Ze75HCCblfJpdU4mLtmsk3my&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b7481e5d1621d47cb93e0a1188fbe69fa3f46b82a6812bad09663e3a3fdc9281

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=297301
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 12992
expires: Tue, 04 Oct 2022 13:54:10 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 20 KB
20 KB 50ms
41ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1562047746%2F19195507-LaHp5YlU.jpg&v=3&w=400&s=O0-dv29Lbq3ZPYUHke10cLAa&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

53d20c03fa34aa6dc814040e908b1e128ac8b3bbf58ad049600570e0685b83e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=297140
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 20214
expires: Tue, 04 Oct 2022 13:51:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 11 KB
11 KB 54ms
45ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1566544646%2F19187611-ReLEvG29.jpg&v=3&w=400&s=JNvSEftBVcCBXnTj0Rbo2mR5&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

80efe2128130ab8393cf0be9e0d3743fe7bdeaba03b1ab9ba33f8c466e9c31e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=308888
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 11458
expires: Tue, 04 Oct 2022 17:07:17 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 0077 34 KB
34 KB 51ms
43ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1465997598%2F16126092-hmhnjDEi.jpg&v=3&w=400&s=EEw76Ac7I_7L5W1oqw7wWbDG&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

f54309f6fa01085657419874dad7ce532b124864d0e18f8f98cfb45c95f3e6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=19574
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35006
expires: Sat, 01 Oct 2022 08:45:23 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0077 0
127 B 22ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=xW0F1kbxLsSyLYoUn8brAwzH9j2mOVzkIgKxufz-zx-1XFjYYRmZqQ8Wcv9GLp9SbN5RNkT1gUHKLGFrNy9Iv-n8e_FNEALhuetqFifaShzc7IzaS2OiZo-8bnqglnpntdyLPuGrOkxqm28dBKLoP3VcrrgmDGnOcBKuXsmD7H3JmiGzVKnrJz7fiaLWmj-5E9wEr5QeAUniW9NNajK5x65czYpvz7ZPxn_Q1Gf_LfLa9qSBHpU2JpQbuLbJjLO-8beQYw&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0077 2 KB
1 KB 32ms
26ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0077 2 KB
1 KB 21ms
15ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:09 GMT

GET
H2 200 d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff
static.criteo.net/design/dt/ Frame CAE1 42 KB
42 KB 50ms
16ms Font
application/octet-stream 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/d21ec34ccf4f465abd5a78b717971bf0_klavika-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Mon, 12 Apr 2021 08:02:01 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6073fe79-a654"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:09 GMT

GET
DATA 200
OK truncated
/ Frame 45E7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8d199fc11ccd695149203d21557ba43c22266dfa0073afef4ba1f754db40bec9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 rP2Hp2ywxg089UriCZOIHQ.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame CAE1 18 KB
18 KB 135ms
39ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Hp2ywxg089UriCZOIHQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 29 Sep 2022 21:01:46 GMT
x-content-type-options: nosniff
age: 109043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18096
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:12 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 29 Sep 2023 21:01:46 GMT

GET
H2 200 rP2Cp2ywxg089UriASitCBimCw.woff2
fonts.gstatic.com/s/dmsans/v11/ Frame CAE1 18 KB
18 KB 147ms
52ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/dmsans/v11/rP2Cp2ywxg089UriASitCBimCw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=DM+Sans:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 19:20:45 GMT
x-content-type-options: nosniff
age: 28704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18212
x-xss-protection: 0
last-modified: Thu, 21 Apr 2022 16:54:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Sep 2023 19:20:45 GMT

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 78D1 85 KB
11 KB 47ms
29ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5nra2xgmnnjapr2bbsk98w9syr11759kthabxcs6jqemc18r0evj5mrtp947sqsf8bea0yvyjmbtgkwrha3v5x1z4n735y9kabftveeyncc94tvd740atmvye99eb17qwns97ke21p2sr2nffannk2vn8at26htyb2pb1p5nac5evme8tsh08pzkkb48z1an4jwq7pkcy8ak1b3p3kfcd2jgcs8tcrv50jhqwrjyyaa5xezb38ehbkdctyw6twj40d8a32xs5skexgmzh22ha4ktaab8fw43ygzgk5mq729f45mhr1m190zte2h5e667rp232yjpse7ptdv1nvhp323ngx6zcynn6rmqf9dqvw2ew9kzxr501et2ypfdvq5hdtwwrkvrzfpfjc07d587w4dkzrhehz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%26client%3Dca-pub-7449074098466311%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/dr?ed=1g5nra2xgmnnjapr2bbsk98w9syr11759kthabxcs6jqemc18r0evj5mrtp947sqsf8bea0yvyjmbtgkwrha3v5x1z4n735y9kabftveeyncc94tvd740atmvye99eb17qwns97ke21p2sr2nffannk2vn8at26htyb2pb1p5nac5evme8tsh08pzkkb48z1an4jwq7pkcy8ak1b3p3kfcd2jgcs8tcrv50jhqwrjyyaa5xezb38ehbkdctyw6twj40d8a32xs5skexgmzh22ha4ktaab8fw43ygzgk5mq729f45mhr1m190zte2h5e667rp232yjpse7ptdv1nvhp323ngx6zcynn6rmqf9dqvw2ew9kzxr501et2ypfdvq5hdtwwrkvrzfpfjc07d587w4dkzrhehz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%26client%3Dca-pub-7449074098466311%26adurl%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 392511
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75320e1a59976977-FRA
expires: 0

GET
H2 200 fxpcopuw.js Show response
ad4m.at/ Frame 78D1 36 KB
13 KB 43ms
28ms Script
application/javascript 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/fxpcopuw.js
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/dr?ed=1g5nra2xgmnnjapr2bbsk98w9syr11759kthabxcs6jqemc18r0evj5mrtp947sqsf8bea0yvyjmbtgkwrha3v5x1z4n735y9kabftveeyncc94tvd740atmvye99eb17qwns97ke21p2sr2nffannk2vn8at26htyb2pb1p5nac5evme8tsh08pzkkb48z1an4jwq7pkcy8ak1b3p3kfcd2jgcs8tcrv50jhqwrjyyaa5xezb38ehbkdctyw6twj40d8a32xs5skexgmzh22ha4ktaab8fw43ygzgk5mq729f45mhr1m190zte2h5e667rp232yjpse7ptdv1nvhp323ngx6zcynn6rmqf9dqvw2ew9kzxr501et2ypfdvq5hdtwwrkvrzfpfjc07d587w4dkzrhehz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%26client%3Dca-pub-7449074098466311%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 319127
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Wed, 27 Jul 2022 10:39:36 GMT
server: cloudflare
etag: W/"1a2552545a3303319c45b19addfd8947"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vrVGrXjndUveZA609e9R%2F8rpM6j6rM81xgGr7k7lR5bOLLF8vYuQ9GL75wnwHtd03W3CoJQRyxF%2B4h6Ee%2BPWp2JS0rlTVlL3W41N8ntgUlGjUb6pMOdPUt4tZu5H9YSAwIP%2BlSQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=3600, must-revalidate, stale-while-revalidate=300
cf-ray: 75320e1a5dde903d-FRA
expires: Wed, 21 Sep 2022 13:12:03 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 61BC 12 KB
6 KB 16ms
15ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 61BC 5 KB
5 KB 20ms
15ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=P1mM87GxKeNVtHqDGH1gb7rz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30764342
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5106
expires: Fri, 22 Sep 2023 04:58:12 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 61BC 1 KB
2 KB 21ms
17ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2Flogohidden-professionals-GmbH-97267DE.gif%3Feb%3D1&v=3&w=800&s=V_ZNrXFScZltk3WSrE71MkfL&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=727012
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1306
expires: Sun, 09 Oct 2022 13:16:01 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 61BC 2 KB
2 KB 20ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoFormel-D-Group-3583DE-2008190935.gif%3Feb%3D1&v=3&w=800&s=VqTak-1PQuSgw4NtqaFRO-V1&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=889539
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1672
expires: Tue, 11 Oct 2022 10:24:49 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 61BC 2 KB
2 KB 24ms
20ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDZH-GmbH-71233DE-2201071435.gif%3Feb%3D1&v=3&w=800&s=vpGm_seSEYg5jupcMbmNinfn&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1854463
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1540
expires: Sat, 22 Oct 2022 14:26:52 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 61BC 752 B
1016 B 24ms
21ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FC%2FlogoTrustlog-GmbH-296431DE-2203301315.gif%3Feb%3D1&v=3&w=800&s=IvTFlInTCTl6JoK7GVEqLcR9&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

4b12a8d6ae46f73f3f3aa72bbb620aa14b48deecd6191c5ca0f264a08e934dcd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2173753
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 752
expires: Wed, 26 Oct 2022 07:08:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 61BC 1 KB
1 KB 25ms
21ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoPwC-2965DE.gif%3Feb%3D1&v=3&w=800&s=P1iwqlztP-6RPDJ2TSVIR8NP&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1226
expires: Sat, 01 Oct 2022 03:19:09 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 61BC 4 KB
5 KB 20ms
16ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F9%2FlogoALDI-Nord-67503DE.gif%3Feb%3D1&v=3&w=800&s=Wo6NatkDtDW2fY1DLR3ceyx1&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5cd38d861db3fb969bbd70a1073f6b4d7092e7d5975379be9bffb1e385242f51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1249988
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4560
expires: Sat, 15 Oct 2022 14:32:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 61BC 0
127 B 16ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=tPAJeEbxLsSyLYoU3QdzFYlTxCVZ6v8RGdPriV8zUYzQjjBYsjRs8KEd57axFh0V6nx81yK_ULzaDFET83hcM3AxcL4CtVkVRr-MeqeNhOw_2saUyvEVTmj2z5tUxMDBH9P3GoGCEc__kFmoi_25gOZ5QXAUOLdxx20puEgJ6ZwOFnDYlXLkeZymIEJQt9uUDBkQ3iBUCO5fLZu5V7hiyrm2xcdthvRR2_v3zEbjfOkffGlnbNR85vET1OoTFCPw2dFi1w&sds=2&rev=82884&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 01 Oct 2022 03:19:08 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 61BC 2 KB
1 KB 24ms
22ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:09 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 61BC 2 KB
1 KB 24ms
23ms Image
image/svg+xml 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Tue, 26 Sep 2023 03:19:09 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 0077 3 KB
556 B 144ms
64ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

387b160853ac745a823784df8b45b28f35670b19183a76dd64d15ad11bea9273

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 01 Oct 2022 02:20:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 01 Oct 2022 03:19:09 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame B4C6 35 B
463 B 45ms
9ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEOo_G4XsN6bRDDI_fxi0UYI&google_cver=1&google_push=AZmPxg8A981HYnqAb1PTAn_-FRhjq-NKLUxAvA4EhZmcw9HTLN2odwym6jASQkcJyQCR6yeTvYwqk6iU66GiMmJNqgaAkbz7EA

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4C6
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_1Ijmp...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAZmPxg_1Ijmp...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMDEwMzE5MDkwMDAxNDE5Mzg3NjkwOQ%3D%3D&google_push=AZmPxg_1IjmpDksfGsNiAjzwUCPo_-CfTCR6Blx7v5PG5CNmS8lEA1KV3LNmNvRq9l5vmN...

170 B
188 B

71ms
70ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMDEwMzE5MDkwMDAxNDE5Mzg3NjkwOQ%3D%3D&google_push=AZmPxg_1IjmpDksfGsNiAjzwUCPo_-CfTCR6Blx7v5PG5CNmS8lEA1KV3LNmNvRq9l5vmNEuUQ7mw6BbC5xznfmGSPb09529d08

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjEwMDEwMzE5MDkwMDAxNDE5Mzg3NjkwOQ%3D%3D&google_push=AZmPxg_1IjmpDksfGsNiAjzwUCPo_-CfTCR6Blx7v5PG5CNmS8lEA1KV3LNmNvRq9l5vmNEuUQ7mw6BbC5xznfmGSPb09529d08
pragma: no-cache
date: Sat, 01 Oct 2022 03:19:09 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Sat, 01 Oct 2022 03:19:09 GMT

GET
H2 200 dds
rtb.openx.net/sync/ Frame B4C6 43 B
352 B 94ms
54ms Image
image/gif 35.186.253.211
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.openx.net/sync/dds?google_gid=CAESEO5tp0PqpskO41BhCxTwf4Q&google_cver=1&google_push=AZmPxg8iL8xOpc1Wx_SYd-EPfTSWlG-gCtpj8a55ak3fW7vjjyXoS-07F8_t9YxQ2WsTeMxGOtjUktpI_WKYBS4WSBJ3tfGDnbU
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1664520975957&w=1200&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=1&to=qs&pwprc=1398849173&psa=0&format=1200x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594348489&bpp=1&bdt=1075&idt=1&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6279cd99ffc39c61-225c8e4f33ce0028%3AT%3D1664594348%3ART%3D1664594348%3AS%3DALNI_MY8-p9ne6GLggTD12u6rLf5nNhANA&prev_fmts=1110x90%2C1110x90%2C0x0&nras=2&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=A6Mk9TZkvh&p=https%3A//rosefile.net&dtd=16
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 211.253.186.35.bc.googleusercontent.com
Software: Cowboy /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:08 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-request-id: 4pvv4khge0638vrdd35dla4h9ugj5vuu

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B4C6 0
166 B 341ms
14ms Image
text/html 198.47.127.19
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEL9gKHboyb_ST16hYyvMyM8&google_cver=1&google_push=AZmPxg_xW9IT7RFinieR_ovyGzmBn0dl0T_JeRfvUU_eG-Vi1_5zwiHS2NsjKkMPApSTCq95_l4HgWgoIRPjlLE1gnE1py2Uo50
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&adk=2743202993&adf=54630664&pi=t.aa~a.1182920990~rp.3&daaos=1664520975957&w=1200&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=1&to=qs&pwprc=1398849173&psa=0&format=1200x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594348489&bpp=1&bdt=1075&idt=1&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D6279cd99ffc39c61-225c8e4f33ce0028%3AT%3D1664594348%3ART%3D1664594348%3AS%3DALNI_MY8-p9ne6GLggTD12u6rLf5nNhANA&prev_fmts=1110x90%2C1110x90%2C0x0&nras=2&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1210&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=A6Mk9TZkvh&p=https%3A//rosefile.net&dtd=16
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Sat, 01 Oct 2022 03:19:08 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame B4C6
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENU5ZLUO6WTIe6aUeMGJdHk&google_cver=1&google_push=AZmPxg-5iI_jYZwLKoxk23nhxD7_7h_r5HI1I4hoEH5ip5uMX7Ak5pp1A8OS_n8F3JZf3MYVXGK...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQQ0hXN0ctUC1CVUVU&google_push=AZmPxg-5iI_jYZwLKoxk23nhxD7_7h_r5HI1I4hoEH5ip5uMX7Ak5pp1A8OS_n8F3JZf3MYVXGKoWucgjNTemln7_ocRoIPj7mw

170 B
329 B

77ms
70ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQQ0hXN0ctUC1CVUVU&google_push=AZmPxg-5iI_jYZwLKoxk23nhxD7_7h_r5HI1I4hoEH5ip5uMX7Ak5pp1A8OS_n8F3JZf3MYVXGKoWucgjNTemln7_ocRoIPj7mw

Requested by

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type: text/html
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDhQQ0hXN0ctUC1CVUVU&google_push=AZmPxg-5iI_jYZwLKoxk23nhxD7_7h_r5HI1I4hoEH5ip5uMX7Ak5pp1A8OS_n8F3JZf3MYVXGKoWucgjNTemln7_ocRoIPj7mw
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Expires: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B4C6
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEGxyd7XCptXsgkngYr2Gb0Y&google_cver=1&googl...
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_cver=1&google_gid=CAESEGxyd7XCptXsgkngYr2Gb0Y&google_push=AZ...
https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGxyd7XCptXsgkngYr2Gb0Y&google_hm=YzexrTAdVYCMGz5-BqhH2QAABGMAAAIB&google_nid=index&google_push=AZmPxg9WYXAD-lE0dvjkYeQ1s2bZfMYR5XYFG...

170 B
188 B

182ms
77ms

Image
image/png

142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGxyd7XCptXsgkngYr2Gb0Y&google_hm=YzexrTAdVYCMGz5-BqhH2QAABGMAAAIB&google_nid=index&google_push=AZmPxg9WYXAD-lE0dvjkYeQ1s2bZfMYR5XYFGsyQNOfw2uA_FGPvWZtoFKKdYeP09u7k14NYkRn9VrAmQbuDC1f1UwRzs4FgjQ

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:09 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:09 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lEFCiDwdaajzYuKu1b5QihOj5dJ1qyUhROtFxRFqXKXEGphJYgxdLjGsxQQlIdiReinEiTPYIWgR%2FtGg74weJvHSFoRR%2FkN%2FTA%2Bh8%2B7gS9sl8UlscDeO8CSn1Ybv%2B5yZwoHmUvVHJqjv3w%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://cm.g.doubleclick.net/pixel?google_cver=1&google_gid=CAESEGxyd7XCptXsgkngYr2Gb0Y&google_hm=YzexrTAdVYCMGz5-BqhH2QAABGMAAAIB&google_nid=index&google_push=AZmPxg9WYXAD-lE0dvjkYeQ1s2bZfMYR5XYFGsyQNOfw2uA_FGPvWZtoFKKdYeP09u7k14NYkRn9VrAmQbuDC1f1UwRzs4FgjQ
cache-control: no-cache
cf-ray: 75320e1c2d23924f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET googleredir
googlecm.hit.gemius.pl/ Frame B4C6 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B4C6 0
232 B 241ms
69ms Image
text/html 142.251.39.2
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JkY75ZOjEYEDhEJroKwDvZa9pxQYun_Vd-FmiWSQmgSYjcRkZNIovZIRzUYpmdt9v_NvIVfg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s37-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 5B8D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 09a6d93898412a089d09695622ab6a18d038b5ebf7d0ff9d25d91a9f20142a35

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 4iCs6KVjbNBYlgoKfw72.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 0077 34 KB
34 KB 122ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCs6KVjbNBYlgoKfw72.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 08:45:37 GMT
x-content-type-options: nosniff
age: 326012
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34852
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:31:23 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 08:45:37 GMT

GET
H3 200 4iCv6KVjbNBYlgoCxCvjsGyN.woff2
fonts.gstatic.com/s/ubuntu/v20/ Frame 0077 29 KB
29 KB 151ms
74ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ubuntu/v20/4iCv6KVjbNBYlgoCxCvjsGyN.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Ubuntu:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 19:26:42 GMT
x-content-type-options: nosniff
age: 201147
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29752
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 17:05:11 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 28 Sep 2023 19:26:42 GMT

GET
H2 200 adchoices_default.png
static-de.ad4mat.net/ads/img/ad_markers_folder/ Frame 78D1 3 KB
4 KB 79ms
28ms Image
image/png 2606:4700:20::681a:61b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static-de.ad4mat.net/ads/img/ad_markers_folder/adchoices_default.png
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:61b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 21490845
x-guploader-uploadid: ADPycdvK0i-nNNMv3fNeMFP8ktxrB0s9Rxn1yHxNJcTu0YzGgL1oQ0J5-KUL8U_oIDMeEhRvKXfkGwmOw_rmBs79tac
x-goog-storage-class: STANDARD
x-goog-custom-time: 1970-01-01T00:00:00Z
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3262
x-goog-meta-
last-modified: Wed, 09 Jun 2021 12:35:14 GMT
server: cloudflare
etag: "794c84d30e213ec6a144d64215f07551"
vary: Accept-Encoding
x-goog-generation: 1623242114099744
content-type: image/png
x-goog-hash: crc32c=v7nNsg==, md5=eUyE0w4hPsahRNZCFfB1UQ==
cache-control: public, max-age=31536000, immutable
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=u2UPl4woMKnKt5MpK5VRw8dKNQl5T2Pd1y%2FiOV0xL5ROUA%2Fg5iwwhcuH1WW5N1CN5fBDtQsRsr%2Fa%2F5ZlVkr2rwAT6ZHrVZLaBezwn4%2B1sJ0%2BP8UjmYPWwpyhaeiIwgPAUxwAUL6C4IiYYg%2Fgz%2FAoIT9N"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 3262
accept-ranges: bytes
cf-ray: 75320e1c4956bb38-FRA
expires: Wed, 25 Jan 2023 09:38:24 GMT

GET
H3 200 frame.html Show response
ad4m.at/ Frame 872C 2 KB
1 KB 24ms
23ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/frame.html
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 458037
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=3600
cf-cache-status: HIT
cf-ray: 75320e1c1b206977-FRA
content-encoding: br
content-language: en
content-type: text/html; charset=utf-8
date: Sat, 01 Oct 2022 03:19:09 GMT
expires: Sun, 25 Sep 2022 21:03:20 GMT
last-modified: Thu, 25 Aug 2022 14:12:41 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZVirfDOryBtwilpOQ4n8rP6SIFR50qA%2FaoQdRTkmpe%2BSAZrLFb2Yd2%2FulfTLIhU9nfJ3p9DcZLgffAigpAI0xaXvhm0ptoDXy%2BJAceYuYifwPaJZKKZU%2BBodI00NwKMfK%2BBdinQ%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

POST
H3 200 rs Show response
ad4m.at/ Frame 78D1 1 KB
2 KB 33ms
32ms XHR
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Requested by: Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da428e6dbe41a1b01ae0da84a71adae26368608818bd5bf39150b8aa83194f47

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
via: 1.1 google
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ylIq8uXjSCuJtW0VBOefcJS%2F7rskr6B85QHpfVqf4MZyoRpOqco5qndznmCoHFpEp4cTlfgfaMp8Q0MhBl3coHhFIqTy3pd9lv9%2BW6zO3%2BgTPEAJaem9o3MbmI8poU5tg5yJgIY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: https://as.ad4m.at
access-control-allow-credentials: true
cf-ray: 75320e1cc973bc01-FRA
x-backend-server: aa-reachservice-group-europe-west1-2p34
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

OPTIONS
H3 200 rs
ad4m.at/ Frame 0
0 64ms
38ms Preflight
text/plain 2606:4700:20::681a:ad1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ad4m.at/rs
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:20::681a:ad1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: GET,PATCH,POST,OPTIONS,DELETE
access-control-allow-origin: https://as.ad4m.at
access-control-max-age: 1800
allow: HEAD,POST,GET,OPTIONS
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 75320e1c8933bc01-FRA
content-length: 24
content-type: text/plain
date: Sat, 01 Oct 2022 03:19:09 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jBm97Bg%2BO3v3HauQJcoCjYfh69ioarFQI8vNEv6mLRHYJipMYiC0wj5n8VlbQQec8PJ0M818hkfzWVk603%2FcKnuJYmB0X%2Bkb9Ue06XWVeKi07jpyFg7aC5Vcjd0ox3Wt%2BAvp5P0%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
via: 1.1 google
x-backend-server: aa-reachservice-group-europe-west1-2p34

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 177ms
62ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220928&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad4aced97ea63fa4a75101fcddf4155aa552de11195b7ccc4519a0b672d46e2a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10989
x-xss-protection: 0

GET
H3 200 rar Show response
as.ad4m.at/ad/ Frame 6302 11 KB
5 KB 33ms
32ms Document
text/html 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0

Requested by

Host: ad4m.at
URL: https://ad4m.at/fxpcopuw.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7ab6586bfb9bebaf16b55520843ba2c1d37545222b83a8d729fb735243bb7d66

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri ;child-src ;connect-src ;default-src 'self';font-src ;form-action 'none';frame-ancestors * data:;frame-src ;img-src data:;manifest-src 'none';media-src 'none';navigate-to ;object-src 'none';prefetch-src 'none';script-src 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://as.ad4m.at/ad/dr?ed=1g5nra2xgmnnjapr2bbsk98w9syr11759kthabxcs6jqemc18r0evj5mrtp947sqsf8bea0yvyjmbtgkwrha3v5x1z4n735y9kabftveeyncc94tvd740atmvye99eb17qwns97ke21p2sr2nffannk2vn8at26htyb2pb1p5nac5evme8tsh08pzkkb48z1an4jwq7pkcy8ak1b3p3kfcd2jgcs8tcrv50jhqwrjyyaa5xezb38ehbkdctyw6twj40d8a32xs5skexgmzh22ha4ktaab8fw43ygzgk5mq729f45mhr1m190zte2h5e667rp232yjpse7ptdv1nvhp323ngx6zcynn6rmqf9dqvw2ew9kzxr501et2ypfdvq5hdtwwrkvrzfpfjc07d587w4dkzrhehz&x=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%26client%3Dca-pub-7449074098466311%26adurl%3D
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
cf-cache-status: DYNAMIC
cf-ray: 75320e1d3c316977-FRA
content-encoding: br
content-security-policy: block-all-mixed-content; report-to report-endpoint;report-uri /ad/rcv; upgrade-insecure-requests;sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox;base-uri *;child-src *;connect-src *;default-src 'self';font-src *;form-action 'none';frame-ancestors * data:;frame-src *;img-src * data:;manifest-src 'none';media-src 'none';navigate-to *;object-src 'none';prefetch-src 'none';script-src * 'unsafe-inline' 'unsafe-eval';style-src * 'unsafe-inline';worker-src 'none'
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:09 GMT
expires: 0
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
pragma: no-cache
referrer-policy: same-origin
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
server: cloudflare
strict-transport-security: max-age=86400; includeSubDomains; preload
surrogate-control: no-store
vary: accept-encoding
via: 1.1 google
x-content-type-options: nosniff
x-download-options: noopen
x-xss-protection: 1; mode=block

GET
H3 200 default.css
as.ad4m.at/ad/style/0.1.23/one-ad/ Frame 6302 85 KB
11 KB 36ms
27ms Stylesheet
text/css 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://as.ad4m.at/ad/style/0.1.23/one-ad/default.css

Requested by

Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=86400; includeSubDomains; preload
via: 1.1 google
x-content-type-options: nosniff
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0","include_subdomains":true}
cf-cache-status: HIT
age: 392511
cross-origin-embedder-policy: unsafe-none
cf-polished: origSize=86781
surrogate-control: no-store
content-encoding: br
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
pragma: no-cache
referrer-policy: same-origin
cf-bgj: minify
last-modified: Mon, 26 Sep 2022 14:17:17 GMT
cross-origin-opener-policy: unsafe-none
server: cloudflare
x-download-options: noopen
vary: accept-encoding
report-to: {"endpoints":[{"url":"/ad/vre"}],"group":"report-endpoint","max_age":86400}
content-type: text/css; charset=utf-8
cache-control: max-age=3600, must-revalidate, proxy-revalidate
cf-ray: 75320e1daca06977-FRA
expires: 0

GET
H2 200 188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
assets.ad4m.at/logo/ Frame 6302 8 KB
9 KB 52ms
37ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/188CB8AAD064EA4A8191591B373E95EFBB15091EC45B736DE282B2519499BCCBCAB6FDEDC5113C2A7BE7DE03216809B9DDF8A0A0594CFE95168D455C315D4410
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 712421
cf-polished: qual=85, origFmt=jpeg, origSize=16723
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 8354
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:13:07 GMT
server: cloudflare
etag: "04cb7ec205cea351157aeffb998f3a85"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=idb3o3G2W9cXnrfVdJmBs%2FCD6siCOHuCJqxl3jWG6%2BTkCp8UOUi7Sze43m7o2rOGuUGS%2Bw1W5XkHdhZyzTIJsETLO%2FzZ3z80zaXRSimFdp7viOtPvHDg4mW%2FN6k4Rbmtkxrp8zMUkGKHXvfz"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75320e1da88d903d-FRA
expires: Sun, 02 Oct 2022 03:19:09 GMT

GET
H2 200 96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
assets.ad4m.at/product_image/ Frame 6302 43 KB
44 KB 66ms
54ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/96AA637161FCFF7D0AE42DD0E3CF6E6A33D7A2D96B5FF2BDA5B1A8E0996EEB464D78D8CE114DFCCD8F5FCF559382B5A858EE2F2DD03A6307DB4B399DF7A75EC6
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 633203
cf-polished: qual=85, origFmt=jpeg, origSize=72345
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44118
cf-bgj: imgq:85,h2pri
last-modified: Tue, 14 Jun 2022 09:41:24 GMT
server: cloudflare
etag: "ed6f7b3b1b04cd5f78cf354be09c981b"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TFUo3%2BoNSjP5%2BKLDl43asWB1lVVch2shwo0Y4nop4tDvUgDKiQTqz4KlCDAyvH%2B0uLIHHtOO1h1h6mmavaXEdPonvCcsIKGeX8%2B37q3TJoKCzzt3P5l8nYuxS4nzf2IjZFFJgl1%2FSInXAnlh"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75320e1da88b903d-FRA
expires: Sun, 02 Oct 2022 03:19:09 GMT

GET
H/1.1

200

/
banner.congstar.de/cookie/ Frame 6302
Redirect Chain

https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=%3Fhttps%3...
https://ad.doubleclick.net/ddm/trackimp/N38306.140903ZANOX.COMDE/B22845801.273544483;dc_pre=CLCjqZeJvvoCFUMT4Aodq2QLVg;dc_trk_aid=467891017;dc_trk_cid=64219029;ord=;dc_lat=;dc_rdid=;tag_for_child_d...
https://www.awin1.com/cawshow.php?v=11938&s=2542680&q=367022&r=412871&pv=1&pref3=pv_oneidJBeszf5f3drKCBH6H7tptrjQtxSgTbWguXoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1664594350_d0c71c70-4137-11ed-96b9-2237162cbb98

0
518 B

76ms
12ms

Image
text/plain

148.251.139.77
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1664594350_d0c71c70-4137-11ed-96b9-2237162cbb98
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: HTTP/1.1
Server: 148.251.139.77 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.77.139.251.148.clients.your-server.de
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 01 Oct 2022 03:19:09 GMT
Server: Apache
P3P: CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 0

Redirect headers

Date: Sat, 01 Oct 2022 03:19:10 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://banner.congstar.de/cookie/?sp=awin&spfr=412871&awc=11938_412871_1664594350_d0c71c70-4137-11ed-96b9-2237162cbb98
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
assets.ad4m.at/logo/ Frame 6302 38 KB
38 KB 50ms
38ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/E8A0B3404CF65D67FABF74F38D2E787E97D75F650E6720B8A047EFE226A7A598DA94FFCF3CDCC52A3B206A422DD3D5082778689277BC79BF962DEE607C6331D8
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 633890
cf-polished: origFmt=png, origSize=77267
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 38696
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:11:48 GMT
server: cloudflare
etag: "2b0e02e9dde77e31d38d78d73dc69e4f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cim3K2Cs8r41Y8ZQ4Jpoh7ADCY5AJr9eOly%2BH%2BQHoh12l12SJ3bIXSBeluWG5lwtCGM8EJR%2BFotwN8qWSn5sMb2wBob0LKlgS%2BR%2BVSflFPyg8UCcsjf%2FRZB8h3ld43YuhF2dFreHGAl0YW78"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75320e1da88c903d-FRA
expires: Sun, 02 Oct 2022 03:19:09 GMT

GET
H2 200 B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
assets.ad4m.at/ Frame 6302 84 KB
84 KB 65ms
54ms Image
image/jpeg 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/B45F893E9FFC024BF63F31BCCBD125167CBC3446F3678FC31F706A695A83CDCA7427229BCA4C5992B83E2F60A147FCD1B6148725AA0AF3ABB801A6BB7EA78390
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 591035
cf-polished: origSize=90165, status=webp_bigger
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 85727
cf-bgj: imgq:85,h2pri
last-modified: Wed, 09 Oct 2019 16:06:53 GMT
server: cloudflare
etag: "a6c89bb079950765946aeeda42e13d01"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ESrnaOXBoqnw45lEHpyRj5fElq5tuZLZuwG6OrFLLYFeppnuNQPYu4gXNMjUY7MGFVzagUuIgdAfntm6kN2il5z2VC717ZGK4SxaLKGu9L3qpRPZ9lv4bpuMbgJQZNuw86fx31k3mcoFheKP"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75320e1da88e903d-FRA
expires: Sun, 02 Oct 2022 03:19:09 GMT

GET
H2 200 CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
assets.ad4m.at/logo/ Frame 6302 16 KB
16 KB 85ms
75ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/logo/CE11F4A269236C0AF074ADB7F1ADA1F8C472CD7AC3290EFBF4A7DADA0100B8792254D4F2CF871D3311E6317269487774B650CDD0B207BED389DBEA35CD2DBC8F
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 631570
cf-polished: origFmt=png, origSize=39979
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15996
cf-bgj: imgq:85,h2pri
last-modified: Wed, 22 Jan 2020 13:07:55 GMT
server: cloudflare
etag: "ad9334664514d900a0c3b76d17ca960f"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zLQEd7AwGZJ%2FYPzvghNCLnFMfvM8X%2BCwom0%2Bp%2FSDSf9GYRDlXFV13TqyzKsTrTpjj0ZX%2BN5IIFkiGisiaipIajdT5%2BJCx6Ikrr38C2cLpPFC1JMflDAoEShdckSchSYPBr4Jclj%2FXa0dJBIc"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75320e1da890903d-FRA
expires: Sun, 02 Oct 2022 03:19:09 GMT

GET
H2 200 EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
assets.ad4m.at/product_image/ Frame 6302 222 KB
222 KB 62ms
52ms Image
image/webp 2606:4700:20::681a:bd1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.ad4m.at/product_image/EC9093D4AF3799CF781B1E590A25D192F3BFBB8EF4C33117758FB5ADF524B34A287AF80FDD08D80A46541DEAE1FFA692B6F4CA688E7C199182253AEB01A2863C
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 630524
cf-polished: origFmt=png, origSize=342797
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 226950
cf-bgj: imgq:85,h2pri
last-modified: Wed, 15 Jun 2022 14:01:11 GMT
server: cloudflare
etag: "82c7de0f42ff55fdd0acc07731664031"
vary: Accept
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5e5spirGHG7gBtbKSHoSxilHGgqU1zxA%2FFiDhfZ0CRGSUpL%2BblugO586b12xqqIRAzQTqLqr9UkvFqZeV6jKHXdhPRH%2B3F2HGhpms%2FJWa5EV82z1%2BLtxw5b%2BXqEZ2PrmA%2B6K5ByONq%2F%2Flk3%2B"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
cache-control: public, max-age=86400
accept-ranges: bytes
cf-ray: 75320e1da88f903d-FRA
expires: Sun, 02 Oct 2022 03:19:09 GMT

GET
H2

200

ztpv.php
www.conrad.de/ Frame 6302
Redirect Chain

https://www.awin1.com/cshow.php?s=2470167&v=11354&q=377133&r=412871&pv=1&pref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&gdpr_consent=&gdpr=0&gdpr_pd=0
https://www.zenaps.com/cshow.php?pvr=d0a11de0-4137-11ed-96b9-2237162cbb98&v=11354&r=412871&q=377133&s=2470167&viewref3=oneid3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14adoneid__dc_reach_suite02wkz&pv=1&gdpr=0&...
https://www.conrad.de/ztpv.php?awc=11354_412871_1664594349_d0a11de0-4137-11ed-96b9-2237162cbb98&insert=AW&&gdpr=0&gdpr_consent=

0
655 B

81ms
34ms

Image
text/html

2606:4700::6812:7f05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.conrad.de/ztpv.php?awc=11354_412871_1664594349_d0a11de0-4137-11ed-96b9-2237162cbb98&insert=AW&&gdpr=0&gdpr_consent=

Requested by

Protocol

Server

2606:4700::6812:7f05 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
via: 1.1 varnish (Varnish/6.6)
content-encoding: br
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=15552000
age: 0
p3p: policyref="http://www.conrad.de/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
x-varnish: 929855728
content-type: text/html; charset=UTF-8
cache-control: no-cache
server-timing: intid;desc=633025edf1800039
cf-ray: 75320e1f3c146957-FRA
expires: -1

Redirect headers

Date: Sat, 01 Oct 2022 03:19:09 GMT
Strict-Transport-Security: max-age=86400
Node: Helix
P3P: policyref="http://www.awin1.com/w3c/p3p.xml", CP="NOI NID CURa ADMa PSAa HISa OUR IND UNI PUR COM NAV"
Location: https://www.conrad.de/ztpv.php?awc=11354_412871_1664594349_d0a11de0-4137-11ed-96b9-2237162cbb98&insert=AW&&gdpr=0&gdpr_consent=
Awin-Akamai-Rule-Set: default
Connection: keep-alive
Content-Length: 0

GET
H2 200 link.html Show response
track.webgains.com/ Frame 6302 2 KB
2 KB 182ms
115ms Script
text/html 18.132.138.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jtgvg9vqn4qks2b0vdwes4w4nsp2sp7ms7tamy6cdavwtv9wsgmzpg7d6q4e7qy2y2k06sk4nfzvaqjqfmeb6adbp9yrgm405qnynrm8hkzmx8510ska0901v2ep6fkx8w7yrj7aq6a7jv0yjqkehrmcwznv119v1nz10v08abjbv2st5p4zhkjnzf43sj12remz992tx3gnwtxc055ddy5et7m66a22qss3q2q5wbpjqvdkykcj72zx3w6zpvn1g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%252526client%25253Dca-pub-7449074098466311%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.132.138.70 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-138-70.eu-west-2.compute.amazonaws.com
Software: nginx / PHP/7.4.26
Resource Hash: 475a903eff56ef7bb9ff3cdf10d3a9ab0db98340b7a08f8105cc73a1be502918

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
last-modified: Sat, 01 Oct 2022 03:19:09 GMT
server: nginx
x-powered-by: PHP/7.4.26
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=60
access-control-allow-headers: Authorization
expires: Sat, 01 Oct 2022 03:20:09 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 01 Oct 2022 03:19:09 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7B93 42 B
64 B 74ms
74ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstqW23gTIb7NonceNbUwssINtW8fAXc_V-i1Mx0kNKhIetjHG3vMwZ_TO3XcWGt1C2mRL_m-ME3zZFKYRxCrzXNN2A&sig=Cg0ArKJSzEOighqmOgvkEAE&id=lidar2&mcvt=1003&p=0,0,90,1110&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3099582606&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664594348007&rpt=739&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame CAE1 0
127 B 16ms
16ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F004 13 KB
5 KB 42ms
38ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 21268
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 30 Sep 2022 21:24:41 GMT
expires: Sat, 30 Sep 2023 21:24:41 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D68 783 B
534 B 207ms
82ms Document
text/html 2a00:1450:400d:807::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b809d55b5ee540cc70b5a0d433cc6bb5d9a93769924496dfe22535b5f03a1d42

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-lzu7yxuQpdsaXi3sCH4Zgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-lzu7yxuQpdsaXi3sCH4Zgg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 01 Oct 2022 03:19:10 GMT
expires: Sat, 01 Oct 2022 03:19:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3123 42 B
64 B 76ms
76ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst-EdLSaHF7cNSFJt_ycFm2VX2N15DJwHA7Qh2xtg5m2ZO-ijRE42miZiO7DIpGoSOZ72FGnmdl9f7RGZKK6lSztBk&sig=Cg0ArKJSzDKYYg5XF47xEAE&id=lidar2&mcvt=1000&p=0,0,90,1110&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1884398534&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664594347997&rpt=853&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:09 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js Show response
pagead2.googlesyndication.com/bg/ Frame F004 36 KB
16 KB 55ms
51ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b4aq_x9zMiku-4ayY0gQrcEuJNMSghrM2Nuaea2nyAg.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 16:49:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 37761
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15966
x-xss-protection: 0
last-modified: Tue, 27 Sep 2022 16:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 30 Sep 2023 16:49:48 GMT

GET
H2 200 pvClk.min.js Show response
analytics.webgains.io/ Frame 6302 85 KB
31 KB 69ms
8ms Script
application/javascript 65.9.66.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.webgains.io/pvClk.min.js
Requested by: Host: track.webgains.com
URL: https://track.webgains.com/link.html?wglinkid=713569&wgcampaignid=1384975&js=1&nw=1&wgtarget=https%3A%2F%2Fas.ad4m.at%2Fad%2Frct%3Fed%3D1jtgvg9vqn4qks2b0vdwes4w4nsp2sp7ms7tamy6cdavwtv9wsgmzpg7d6q4e7qy2y2k06sk4nfzvaqjqfmeb6adbp9yrgm405qnynrm8hkzmx8510ska0901v2ep6fkx8w7yrj7aq6a7jv0yjqkehrmcwznv119v1nz10v08abjbv2st5p4zhkjnzf43sj12remz992tx3gnwtxc055ddy5et7m66a22qss3q2q5wbpjqvdkykcj72zx3w6zpvn1g%26a%3Dhttps%253A%252F%252Fas.ad4m.at%252Fdct%253Fed%253D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%2526h%253Dhttps%25253A%25252F%25252Fadclick.g.doubleclick.net%25252Faclk%25253Fsa%25253DL%252526ai%25253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%252526num%25253D1%252526sig%25253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%252526client%25253Dca-pub-7449074098466311%252526adurl%25253D&clickref=oneidr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhdoneid__dc_reach_suite02wkz&viewref=oneid4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuKoneid__dc_reach_suite02wkz
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-42.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Fri, 30 Sep 2022 15:27:46 GMT
content-encoding: gzip
via: 1.1 a618edcb8ddcdae59a3a61a6c82ff54c.cloudfront.net (CloudFront)
last-modified: Thu, 29 Sep 2022 15:27:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 42684
etag: W/"faa933973c404f8cfedacd4b67a60b85"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: rggXu7vxDMQwhtA-i7xy8Nkx1D_aXitoyTmcRCBwxuXPIQEjow-QYQ==

GET
H2 200 Logo%20RGB.png
cdn.track.production.webgains.team/12607/ Frame 6302 85 KB
85 KB 63ms
9ms Image
image/png 99.86.4.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.track.production.webgains.team/12607/Logo%20RGB.png?Expires=1664594649&Signature=f2Un6W6QAEElubh~7cZTO6lbiQi37HTcqWMBeXkASGKurkZRtQye9J1hnd-bcBvWmqAoK1ST0LWmkeh8tz2EnPrjpF9bpdwYXxmJmRXZFOR-Ri6-oJjbx3Ch-40NUw7jjgDNP9DaENaGikeSTN6oTNYtLpo6PIYLAUU7w9IUlADYeIjBsAHZEwVBIkQTniZqkGN1RPy5HaNFHJbTLEkQP52X5LvXmGSf0iqjrLDPHH1BLLY1BI4~Nq7bRuucE56-jZcheGzltY3H~C3sjjLp4cXbhVx6dBimSqkUsTyj1Iky4JgNUOxkx~88Wm59jCYVQw1H5fWUKtRKTBFK7BMaJA__&Key-Pair-Id=K28VXAGA7VWE0O
Requested by: Host: as.ad4m.at
URL: https://as.ad4m.at/ad/rar?a=196439%2C24673%2C188429&b=JBeszf5f3drKCBH6H7tptrjQtxSgTbWguX%2C4rehEf5fRAzhGH9HdtAtmJAsbSpTr6XuK%2C3PZfpf4fXZ6Rs7HrHAtEt9REtPSWTA14ad&f=GjeTBfpfXwxkcKHeHGtBC31dHZSYTeA9tE%2Cr2GcQf9fd3jTAH7HjtJCBwxuYS8TKxdhd%2CWKmcrfdfZwJeFYH5HjtDCXjeH3SETJdPC2&c=728&d=90&e=&g=de7c29d6a724909cd8e8990141d130d7%2F9557623066246982138&i=25174%2C20430%2C21596&j=16%2C21%2C16&k=0&l=0&m=0&n=&p=&q=&o=dc_reach_suite02wkz&r=1664594349584&h=https%3A%2F%2Fas.ad4m.at%2Fdct%3Fed%3D1g09zssrs101pca6ff1htfnfr9jj2zfzxfvq5rrcfvz5a9na0x2xmfptmtbnm7p2zxzwtmxvx8j1g2erex3y1mg07j9j1rbc4ya6w8678heypn8ch6yn6w37ms92qr0stddgz5f6vq2d29g9xy8b2vjvxj7gknt9mreeqsbbkqpz6pgmphajpeyb21a4xtnn0yrnre5c2ksccs3qnt1xe87sqjxq4s7sqyxzgreg41q5707n1xmhtkcg99jhsymqppeasmq2287y0%26h%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Faclk%253Fsa%253DL%2526ai%253DCe6sSrLE3Y8W4IYLF-gaQ0o2ID5DhgYRctqjCivACwI23ARABIABgleKQgqAHggEXY2EtcHViLTc0NDkwNzQwOTg0NjYzMTGgAcKu6N0DyAEJqQIWhNpvuHGwPqgDAaoExwFP0Pv1A0kSX4VMdS40WxbmzH6uZeCj7cg5ke4iUqfI-dHZ93-EGE2oNHAio5zL74sbTxEjUKKCWZkjWLwOco3hWwNjFe3fGWJTrceXm3R8w7dk71WcJGIdAKT6BOrwRzpePgr5OYoDUVNMUXJoiQOIo-jMzYB_Q0mA9nOBYf-DkRaqn-xGG2y4PqZuRVx37Y2Ydo2sL2b2KLPU5rHxhGMpZ3DNtXst-75qx-t2Ln761b1byes8MP0B319XSVJiZ-qQLjj5VJthgAa_y4nGt9P50VugBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAf_nrECqAffn7EC2AcA0ggPCIDhgBAQATICqgI6AoBA-gsCCAGADAHQFQGAFwE%2526num%253D1%2526sig%253DAOD64_1bbGk0MgsTqGAMuWfI8YjGzpK8-g%2526client%253Dca-pub-7449074098466311%2526adurl%253D&y=1&s=&z=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-94.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: null
date: Sat, 01 Oct 2022 01:08:38 GMT
via: 1.1 f038e7175be9761825b2eefc2b0a832e.cloudfront.net (CloudFront)
last-modified: Fri, 06 May 2022 09:41:36 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 7832
etag: "92f323c42d6018008b4cf82e90ac9639"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 86991
x-amz-cf-id: ksfrBCV4oCehWU_tfwHWxpXuO7rjzlTi_e-U1YCXRcTBYuxhV9NFpQ==

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F004 0
10 B 44ms
40ms Image
text/plain 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?hI0ZjA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D68 0
0 87ms
79ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220928&jk=4085417893705957&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 45E7 42 B
64 B 76ms
75ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss7MFSXLDa36wECUkXpWyIU1BoSnYw57-66RlQW4_hc0l59QwFcemA7TNez-dVQRScXImCyjaySneqks7A9qi1jZfs&sig=Cg0ArKJSzCDye6SMhkwjEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=289,853,1000,1000,1000&tos=289,564,147,0,0&v=20220928&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1664594348552&rpt=552&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:10 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0077 0
127 B 15ms
14ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 61BC 0
127 B 16ms
15ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sat, 01 Oct 2022 03:19:09 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 77ms
76ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220928&jk=4085417893705957&bg=!iIuli8_NAAYQgTJdMIE7ACkAdvg8WiIacUnolhW474kDGvLSL2gvYkrUlq7TU7C7nCFkmSvkwU4R6QIAAACRUgAAAAJoAQcKALF68qljfZTC8GSW8ZJdLnBBbbuTX85p_mNWUATXCsFBzIfwSnKCQgZZhZYLQ4gDyb2ZY-Tpz932VRezddWryoyntOBjVmxJunVO1M6inVJGPTygnMJjsuySU33MEL4OnKtl9xM1fmV9HGyeODVRigaE1MXuIAR1mkcEvg5Amp5TInT6ClLMCIv6jwnlrVQnSENOqy8cShBJ11VY4dZIb6qQlCTXlhvD-N9O0fzN3tEQfCqZApolribxNhkM5SGZQZmg3ZlyUE8jLvsrtbaCOLqPEUdXwd-L6Y889f558buFG2lxY4rcN7lT1VNaShic0LKNkxjmJAVAw5dvSos3K4ALyw277f0hS6JUUpRU88elAYLvYbZ3s4preJwaqHeTamSSkklSKWtde5VLKO91n40ZMvBXGFf49kkNslHkgs9kc0GxB23gDIUFeUC9-0QNK_JDmrnqL1BVGBwF6QV0i9aXN1hzps7cncH19mILepxYz_XFN6CiCNL8Iiw_A8QXZDl4l4a5jE7NxVij3sz452E7-uqxmdddHJdgpW4sO2J0cgF7xTEuFdxwRwKcmvfp6ygjPnTyOMSIDBKBqU36nrcPnI-guvr2z9lasOEtgZeOKs5AITmMjv-X51Uoye6D_X84TpCcQmTl1FuJTS0hoJTUj_g8wqYfyfj8l9lwHVFetSchEsVjNaxpEUbcrmdb3AGvsUhDc4njhpni2C0--haIu0iyNy15ed-5-XjX5DG0JuYE-l0HiXGcu5GjSNBq34r8iB_tXD_qTLKSDRDFZljzcy2SFS0VC9-1S2uVcMIKnOPjV2IixGcFgNsodRXuKXSXhuU2Ysja7AGaiz5FCjcFSx2JPWriyu0VdmLhzKVLYp0Xmgp8IWY9L9kvwrLS3BMWmoMZEIAEL3bID0bgPN9hZwqDP5h7FxyZzlImWDgj1zhvAoWTn7Wfn1FZj7IC1IMSL5c-gshhpuZh4IOTZI-NlKqaxUK5CMUur7eCxHPTDueiKR6nxRCjTTuIfqV3DyNZvJB7lJRIjQg_wb338HhAUrLuaIJXk3T6oa3YEWebCAB_D-87hVAvixKXJtAyRcrP8vtNfp9yG3osQ-CCK66cngkuteRWMDjeXE5pXcQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

POST
H2 200 tracking-event Show response
api.webgains.io/ Frame 6302 16 B
232 B 76ms
76ms Fetch
application/json 18.135.86.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.webgains.io/tracking-event

Requested by

Host: analytics.webgains.io
URL: https://analytics.webgains.io/pvClk.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.135.86.50 London, United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-135-86-50.eu-west-2.compute.amazonaws.com

Software

nginx / PHP/7.4.26

Resource Hash

c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/json

Response headers

date: Sat, 01 Oct 2022 03:19:11 GMT
x-content-type-options: nosniff
server: nginx
x-powered-by: PHP/7.4.26
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: no-cache, private
x-xss-protection: 1; mode=block

OPTIONS
H2 204 tracking-event
api.webgains.io/ Frame 0
0 74ms
18ms Preflight 18.135.86.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.webgains.io/tracking-event
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.135.86.50 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-135-86-50.eu-west-2.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://as.ad4m.at
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-origin: *
date: Sat, 01 Oct 2022 03:19:11 GMT
server: nginx

GET
H3 200 logo.png
rosefile.net/templates/rosefile//images/ 2 KB
2 KB 16ms
16ms Image
image/png 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rosefile.net/templates/rosefile//images/logo.png

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a6ea949af9f144c644f0efa2bf5a862fdffc4e1b79e54eb7bad499d833dd0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 741570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1935
last-modified: Fri, 25 Dec 2020 21:00:36 GMT
server: cloudflare
etag: "5fe652f4-78f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1rBxpGcoO8nd7sOSb1WRM3pb6AMTXCf%2BRCafH7U0hV56rm2GXs3UkSRTrLUtM0q2LhJcyxKXdEGO4%2FqV7Ev7YVxfRdvshnUAshSB4VfT6L%2B%2FiQSc8LhifLgYo83lIvrUB9b26mjDwhSw%2FyE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 75320e296ad3927a-FRA
expires: Sat, 22 Oct 2022 13:19:41 GMT

GET
H3 200 logo.png
rosefile.net/templates/rosefile//images/ 2 KB
2 KB 17ms
17ms Image
image/png 2606:4700:3034::6815:5db8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rosefile.net/templates/rosefile//images/logo.png

Requested by

Host: rosefile.net
URL: https://rosefile.net/58lno8283h/PDL33.7z.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:3034::6815:5db8 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6a6ea949af9f144c644f0efa2bf5a862fdffc4e1b79e54eb7bad499d833dd0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 01 Oct 2022 03:19:11 GMT
strict-transport-security: max-age=31536000
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 741570
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1935
last-modified: Fri, 25 Dec 2020 21:00:36 GMT
server: cloudflare
etag: "5fe652f4-78f"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=scBUGzKB9x9mUtsRscFp%2F8RXxUPIl3ou0sL2brEFT0T4YCgzLyeD8UFGxN6nxWYgW8xGglczCNm6h7b6HvF%2B2Euw%2FYWikBdS8T5B%2FlfxQd%2BGpkqxfvmNWjDfkPZRIQs5bGRInfEHmThquo8%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 75320e298afa927a-FRA
expires: Sat, 22 Oct 2022 13:19:41 GMT

POST
H3 204 collect
region1.google-analytics.com/g/ 0
17 B 127ms
60ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-KDVC5RG4QJ&gtm=2oe9s0&_p=1902942959&cid=115296085.1664594348&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=2&sid=1664594347&sct=1&seg=0&dl=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&dr=https%3A%2F%2Ft.co%2F&dt=PDL**.7z%20-%20RoseFile&en=scroll&epn.percent_scrolled=90&_et=7
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-KDVC5RG4QJ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://rosefile.net/58lno8283h/PDL33.7z.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 01 Oct 2022 03:19:12 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://rosefile.net
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEG1n2Cmpkg46LLUaxmqWYjI&google_cver=1&google_push=AZmPxg8JVwnBosKi13EtOXsLyem6HIiZWthNH9htoDLSZ1iW3alM1wlE5ySidaR5qciRLVcOLQ1YS6b9IVMDbmDI8ZWGAkJRaws0

Verdicts & Comments Add Verdict or Comment

103 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

34 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.t.co/	1970-01-20 15:53:28	Name: muc Value: 917c9bc5-c291-4903-8238-1da6786720df
rosefile.net/	1969-12-31 23:59:59	Name: PHPSESSID Value: mrl9aarbfqp8tpvveomjuu1717
.rosefile.net/	1970-01-20 06:23:25	Name: vip_param Value: 373bbXpJlbB2ffBI8ksS9cN8oSmN7dq8%2FUQUFJfRU3YjCnO%2Bz5ncmYKON3EgJlWTXwYA
.rosefile.net/	1969-12-31 23:59:59	Name: lang Value: en_us
.rosefile.net/	1969-12-31 23:59:59	Name: use_lang Value: en_us
.rosefile.net/	1970-01-20 06:23:14	Name: view_stat Value: 1
.rosefile.net/	1970-01-20 15:59:14	Name: _ga_KDVC5RG4QJ Value: GS1.1.1664594347.1.0.1664594347.0.0.0
.rosefile.net/	1970-01-20 15:59:14	Name: _ga Value: GA1.1.115296085.1664594348
.rosefile.net/	1970-01-20 15:44:50	Name: __gads Value: ID=6279cd99ffc39c61-225c8e4f33ce0028:T=1664594348:RT=1664594348:S=ALNI_MY8-p9ne6GLggTD12u6rLf5nNhANA
.doubleclick.net/	1970-01-20 15:44:50	Name: IDE Value: AHWqTUk3EDl9YCgEDFGiZqBgCHgrWhvP4uo_tAfgTAcc9j6zj5ZJUzQTelU4_EYWx6A
.quantserve.com/	1970-01-20 08:32:50	Name: d Value: ECIBCQGdJ4EA
.quantserve.com/	1970-01-20 15:53:28	Name: mc Value: 6337b1ad-4ce83-81bce-95fc4
.casalemedia.com/	1970-01-20 15:08:50	Name: CMID Value: YzexrTAdVYCMGz5.BqhH2QAA
.casalemedia.com/	1970-01-20 08:32:50	Name: CMPS Value: 1123
.casalemedia.com/	1970-01-20 08:32:50	Name: CMPRO Value: 1123
.casalemedia.com/	1970-01-20 08:32:50	Name: CMTS Value: 5121
.e.dlx.addthis.com/	1970-01-20 15:53:28	Name: na_tc Value: Y
.awin1.com/	1970-01-20 06:27:33	Name: awpv11354 Value: 412871\|1664594349\|d0a11de0-4137-11ed-96b9-2237162cbb98
.zenaps.com/	1970-01-20 06:27:33	Name: awpv11354 Value: 412871\|1664594349\|d0a11de0-4137-11ed-96b9-2237162cbb98
.zenaps.com/	1969-12-31 23:59:59	Name: AWSESS Value: 377133:2470167
.addthis.com/	1970-01-20 15:53:28	Name: na_id Value: 2022100103190900014193876909
.addthis.com/	1970-01-20 15:53:28	Name: na_tc Value: Y
.addthis.com/	1970-01-20 15:53:28	Name: uid Value: 6337b1adaa6be0a7
.addthis.com/	1970-01-20 15:53:28	Name: ouid Value: 6337b1ad0001e5e503d2666b8cd16b66f1f4b5fd2ea6e831375f
.dlx.addthis.com/	1970-01-20 07:06:26	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 07:06:26	Name: na_sr Value: 20221001
.dlx.addthis.com/	1970-01-20 06:23:14	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 07:06:26	Name: na_sc_e Value: 0
www.conrad.de/	1970-01-20 06:30:26	Name: HTLP_timestamp Value: 1664594349
www.conrad.de/	1970-01-20 06:30:26	Name: CEAffHA Value: YD
.www.conrad.de/	1970-01-20 06:23:16	Name: __cf_bm Value: C8gWn4Hb2cKJb4L6ydvvzQPXFqTy3RwPzEuLQHpV.K0-1664594349-0-AcCSimijlLPKSBKR/QYQrV+nqNBGA//EmRpQi9/EchjUGEDKOheffJ0QL53bE0lnEjf5f3/WHEajWy0tuyG/qec=
.awin1.com/	1970-01-20 06:33:19	Name: awpv11938 Value: 412871\|1664594350\|d0c71c70-4137-11ed-96b9-2237162cbb98
.awin1.com/	1969-12-31 23:59:59	Name: AWSESS Value: 367022:2542680
.congstar.de/	1970-01-20 06:33:26	Name: staticentry Value: %7B%22spfr%22%3A%22412871%22%2C%22awc%22%3A%2211938_412871_1664594350_d0c71c70-4137-11ed-96b9-2237162cbb98%22%2C%22sp%22%3A%22awin%22%7D

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7449074098466311&output=html&h=90&slotname=1082625532&adk=3099582606&adf=3803042755&pi=t.ma~as.1082625532&w=1110&fwrn=4&fwrnh=100&lmt=1664594348&rafmt=12&psa=0&format=1110x90&url=https%3A%2F%2Frosefile.net%2F58lno8283h%2FPDL33.7z.html&fwr=0&fwrattr=true&rh=90&rw=1110&sfro=1&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1664594347730&bpp=1&bdt=317&idt=272&shv=r20220928&mjsv=m202209280101&ptt=9&saldr=aa&abxe=1&prev_fmts=1110x90&correlator=6986479019647&frm=20&pv=1&ga_vid=115296085.1664594348&ga_sid=1664594348&ga_hid=1902942959&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=666&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C42531706%2C44773613%2C31070061%2C44774292&oid=2&pvsid=4085417893705957&tmod=510989026&uas=0&nvt=1&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=U3BwgrZTzM&p=https%3A//rosefile.net&dtd=276 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESEG1n2Cmpkg46LLUaxmqWYjI&google_cver=1&google_push=AZmPxg8JVwnBosKi13EtOXsLyem6HIiZWthNH9htoDLSZ1iW3alM1wlE5ySidaR5qciRLVcOLQ1YS6b9IVMDbmDI8ZWGAkJRaws0 Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0
X-Xss-Protection	0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.doubleclick.net
ad4m.at
ads.eu.criteo.com
adservice.google.com
adservice.google.de
analytics.webgains.io
api.webgains.io
as.ad4m.at
assets.ad4m.at
banner.congstar.de
cat.nl.eu.criteo.com
cdn.track.production.webgains.team
cdnjs.cloudflare.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
e.dlx.addthis.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
image6.pubmatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.rubiconproject.com
prod-rtb.ad4mat.net
region1.google-analytics.com
rosefile.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
rtb.openx.net
secure-gl.imrworldwide.com
ssum-sec.casalemedia.com
static-de.ad4mat.net
static.criteo.net
t.co
tpc.googlesyndication.com
track.webgains.com
www.awin1.com
www.conrad.de
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.zenaps.com
googlecm.hit.gemius.pl
104.111.215.191
104.111.239.217
104.18.19.126
104.244.42.5
142.250.185.134
142.251.39.2
148.251.139.77
178.250.0.139
178.250.2.148
178.250.2.150
18.132.138.70
18.135.86.50
198.47.127.19
2001:4860:4802:32::36
2600:1901:0:76b9::
2600:9000:214f:6e00:1e:a43d:b640:93a1
2606:4700:20::681a:61b
2606:4700:20::681a:ad1
2606:4700:20::681a:bd1
2606:4700:3034::6815:5db8
2606:4700::6811:190e
2606:4700::6812:7f05
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:802::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:827::2002
2a00:1450:4001:827::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::2002
2a00:1450:400d:806::2002
2a00:1450:400d:806::2008
2a00:1450:400d:807::2004
2a02:2638:1::2
2a02:2638:1::4
2a02:2638::2
2a02:2638::3
35.186.253.211
65.9.66.42
69.173.144.139
99.86.4.94
02af080e15f7ae2ffeb18e9636a3da4343397594a61a9b859a953f15eb13cde3
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
081524aa657300873352a5f4a7fd81ef61ec63cab8ea5ca87cf2d0f51cd30d59
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09a6d93898412a089d09695622ab6a18d038b5ebf7d0ff9d25d91a9f20142a35
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5ed985fdbddc027124d4e6879ce1a1860832cda85e2b517c18d8fbd2fffc06
0f07477fd69ed6a831a43210db8a7ba753fe95ea9419b85e78d759057c5ff11c
0f70f129475ca0b6a4851d34da9794197629135e820929095648e2338780bd7c
15dd2c9a93c782e78e4567fd7fa075237f76393fb0d648233125630a618ab756
193952b59c9a975154471a0ce405acdc8c3f6fa17b2414e818c14cee77f1d460
22cadce4f1aad2a4af3657f90efa02d4e3d32217fdf307ff69512771d1fb08ab
23c0640cbd37c908bf315911a380f7987c247bdfb15f48c402d2549f19e9304d
24435cb4e37717aabeb536f2ed212636c86fbbf9dd42d0c7499c1ebd49e3d558
272d25a3bc4e780b90797dc968a382dbccaa40157d7612ace2f59f2768a6bb86
2ac46ebee46d515be86deeba385b4e41f8cff160364b362c9a6e153df327c66b
2c8a032e0ae2ca97bbfec40674fbc98a20825a0245b3774a6cb2138e73c596d5
2da1bbe120e5eb0e19ce8299926f0f0f728a68625a00fb6d07675687675f6998
2eeaed1b310e214596abec926291c1a41c6333ddaeac312886fc0b5930d71f0e
34c3ae81cd958df09f8912557b0a7c53fea002cc24b4d6058d852da53811e414
386531a08f54c0c8d3ba891ec58687e227a48302afa25312dd0cddeb858fe61a
386a52be8839d3122099fcc53dba24e3dff4b904983e26b52d5dd774e0bb525a
3871e6719f71319cad9f0c2b4f262518c8deb142d03078bd7539e5d72da33de5
387b160853ac745a823784df8b45b28f35670b19183a76dd64d15ad11bea9273
3bcbc292cf3fcec706615a72fb911c23c93f59c06725d003b36f898395a64689
3c3a0321547809818914bf6666db8a6b4f882b487d3e08e334566d25d5d38e55
426d76224de25de48c22820280fb851e7d9ebc04bfc915b4aec6dfc21821ea37
44ce21037b31a658c960ae1f9ecc0abe3acb9ffdc20daa89acb81bb17fae68dc
475a903eff56ef7bb9ff3cdf10d3a9ab0db98340b7a08f8105cc73a1be502918
4b12a8d6ae46f73f3f3aa72bbb620aa14b48deecd6191c5ca0f264a08e934dcd
4b24eee82c2b7ce85ace76193e8a25570dabc6863b94a60a42fa9bb6a37ddc72
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
53d20c03fa34aa6dc814040e908b1e128ac8b3bbf58ad049600570e0685b83e2
544e17f490a8d3f512d7348b79eeed28478f4d04c10ec16b6ea8a4844fd57b48
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a211c742f0d2a63fa31aeeaac328b759738f2878ed4af950450bb0876659bdc
5cd38d861db3fb969bbd70a1073f6b4d7092e7d5975379be9bffb1e385242f51
5d485f783c7cc440cba21bb750ce67e191bce0783bfc6cff5f98e236e401b7ab
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f0e58e4c8d23cb8d1453aa9d362f102a4676085ab517acfd34aba74f982d3db
6127e12fb7db30215c5b8c5c9239e97f2de7e2a97368be42e2287f777a872166
61618d3d872ac2cc07c14cbc8c9053b222dd84840e7b9a5c16e9110425f96161
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
640370d8cc619c5f6a02829b0bb193eb67a39f2837b359884cc18e4709e45b47
65e821b53990c7e875f3a0c2ed1d78d9aaf42a0ac22e5befe5903e4e87faf931
6c82dc9b833355e3c5f971042bf6e401bdb69162b5fbc2a2c97e3dd768c0841d
6e387dbf7b036a02f2d17574c1b5f80af4372fc7a9d26a7f60fcffd2d63c7f01
6f86aaff1f7332292efb86b2634810adc12e24d312821accd8db9a79ada7c808
7024493525030ecd098ce0dcb2f0aea839373775120b40580028137b1d125ac9
7164a212fb4df27bf1e006342d1686badcba58f5a5d301772c14cc7adf1d4821
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
76991bd0ff8917e579e44995d140689284fcf0513498b384c9ef8e8202db3bed
7a24840554638afa529e5667183fc98ff482eba2a3f229c0fda2b5f877c2455f
7ab6586bfb9bebaf16b55520843ba2c1d37545222b83a8d729fb735243bb7d66
7b2c802757887409d2db84ca507fd59fe5e966bc29f66e5a3983e7ea3411d3a8
7c00752ce82d6abaed0b9766d35b906b16675facdbe24115b410d1fab975effa
7f0a5567631bce14fcb6ee097dc2b68ee785054ab6e086ddedfac88539d4a6a6
7f653b3ce9d3277457fc6da4edb246ae2f6c913f088c42dcb8cd2e96267aa21a
807c3056d593e0c991a5f64df1b6221e893cd12a9f71b24b65e81c4165401c67
80ae6a05566c108569ee9e8399aa7621b7c0e6fac1ed5eadd26b8a72d80a44ac
80efe2128130ab8393cf0be9e0d3743fe7bdeaba03b1ab9ba33f8c466e9c31e0
824b7b927b4bb8fb7a8d470e415e1cbc73797fbb73cedc1721da512c2d062992
86d8e892ceacd8c8a7e7125c68dd0e1b311f8399871b6d64b8b6795f0235c1d4
87083882cc6015984eb0411a99d3981817f5dc5c90ba24f0940420c5548d82de
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d199fc11ccd695149203d21557ba43c22266dfa0073afef4ba1f754db40bec9
8e49b984d20b3e7cb3f2c4a08805dc3f66bb8a58ec08c365d0cf955dd57c77c7
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
906658e0a876edc7328af2e28c887cd645cb79c4f92c9bd9de6e982fedc509f2
917fe3545983915d4f0076d6a9830782f7afe19ba6dc6c954e62dbca38a7e7c4
93641a07712a62c4625af81e529031764de1265c55363cee883c1c54766ff074
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b68fd5f8ec09c463380df5d4bebc70b9a738d1e66de214d7c924ff7a158c562
9bfc7d34cd8bc7df36a984d6f3da50799752e33c48bbf07a4a1ee959b51476d0
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a30019bca9afcf5c4a19d136d8c172ae899322b40124e1735a68f6899d71b2e3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9c3152b1f921defaf879a7f6514623aa21e0656a12f143b20cde6648ff5036c
ad4aced97ea63fa4a75101fcddf4155aa552de11195b7ccc4519a0b672d46e2a
af9b453633ef8b4d82e35188507219e0be990b62f20e6666e8e9a275582b7738
b6a6ea949af9f144c644f0efa2bf5a862fdffc4e1b79e54eb7bad499d833dd0d
b7481e5d1621d47cb93e0a1188fbe69fa3f46b82a6812bad09663e3a3fdc9281
b809d55b5ee540cc70b5a0d433cc6bb5d9a93769924496dfe22535b5f03a1d42
bcf7965c964e567124ebbd41f202b1ab95929ea6e561996d1b28ec226746b80a
c1f9d8e277b69e27fbad364e41ef7754749a72df331f6298b425144883f9a7cc
c776195ad46333c6c9a9fe3c74502ffea9a02faf122388ea3567922cc65a3060
c83e17589ab16879ca50f1e59f6db979ccae09497b73a61eae7f9b44a74d7c51
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
ca0ff842bfac90284d76effcdf3399b1c57d34141498c71f62a7270f6ea823b1
d1fd346908d8a8f026e8974fb61c587e62eaf2a35675f8ed015c9e1eca0fa463
d2e47ce9d709494e8a4c5d4bf47774a0dbaeaa17c259a429f18372e36777578e
d997fba7832cb78b0933a9eb2ce191d53234c978e25c6c8fc50c75923ea8405e
da428e6dbe41a1b01ae0da84a71adae26368608818bd5bf39150b8aa83194f47
da8438b81e390283f6eb8cc9cf49ccde3d00c954b4fbccdf6372c162c4b58ab2
dff993d26a575da1f79dda091f9de5cd4af1675758ead010d3297b67766bc384
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e2c9ed632f94d631c6ebb41d6737af9948ef7660a5437bbe8ed4aa2ce764b5c5
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb370d0cf8a89e349d3fa9ce2f3901ad5e890aec3eb38c94f286fff00617ce18
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f08712b803758a5884bdf37afe9af65da76fb200c21e4231bd2cf8f7d2e45fab
f3ac79f08014f7842fda907f6eb861a536dddd5924423c29be28985976caa775
f3c0fa2cd71bb91d0e3acf5d77b93c49a184e9ad941532ca8c07c82eb0bd6a6c
f54309f6fa01085657419874dad7ce532b124864d0e18f8f98cfb45c95f3e6eb
f584c5c806d7e630ee79af8ea75f77042b9b6cc3799973e92b166c45ed471ed1
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7408c25067cd0a9d9fe835cb4c05e394a50751d3fcde0c461db19a309abb02a
fff15b94aca6e5009fa59ef79f4d1b49fdc7fa9e3e4c646debde8e6d6e24703b

rosefile.net Open in urlscan Pro 2606:4700:3034::6815:5db8 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

173 Requests

97 %HTTPS

60 %IPv6

32 Domains

45 Subdomains

38 IPs

6 Countries

2071 kBTransfer

4131 kBSize

34 Cookies

0 Outgoing links

Page URL History

Redirected requests

173 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

rosefile.net Open in urlscan Pro
2606:4700:3034::6815:5db8 Public Scan

Screenshot
Live screenshot

Full Image

173
Requests

97 %
HTTPS

60 %
IPv6

32
Domains

45
Subdomains

38
IPs

6
Countries

2071 kB
Transfer

4131 kB
Size

34
Cookies

173 HTTP transactions
4 data transactions