herfs3vxf.ruiertyuiokjn26.tk Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://herfs3vxf.ruiertyuiokjn26.tk/
Submission: On July 25 via automatic, source certstream-suspicious (July 25th 2023, 8:43:16 am UTC) — Scanned from DE

Summary HTTP 131 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 53 IPs in 9 countries across 44 domains to perform 131 HTTP transactions. The main IP is 2a06:98c1:3120::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is herfs3vxf.ruiertyuiokjn26.tk.
TLS certificate: Issued by E1 on July 25th 2023. Valid for: 3 months.

This is the only time herfs3vxf.ruiertyuiokjn26.tk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
34	2a06:98c1:312... 2a06:98c1:3120::3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 9	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
9	2600:9000:205... 2600:9000:2057:6200:3:a1d:1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
4	2600:9000:21f... 2600:9000:21f3:ea00:15:c281:3500:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:2638:3::e 2a02:2638:3::e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4 5	2a02:2638:d::d 2a02:2638:d::d	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:205... 2600:9000:2057:a600:18:6c16:27c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.7.13 178.250.7.13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2	34.107.203.234 34.107.203.234	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6812:43a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
1	35.158.171.190 35.158.171.190	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
2 2	185.89.210.141 185.89.210.141	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	185.89.210.122 185.89.210.122	29990 (ASN-APPNEX) (ASN-APPNEX)
1	184.30.20.22 184.30.20.22	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.158.240.125 35.158.240.125	16509 (AMAZON-02) (AMAZON-02)
1	185.86.139.104 185.86.139.104	201081 (SMARTADSE...) (SMARTADSERVER)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1	104.75.89.75 104.75.89.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.248.245.213 13.248.245.213	16509 (AMAZON-02) (AMAZON-02)
1	3.75.62.37 3.75.62.37	16509 (AMAZON-02) (AMAZON-02)
1	37.157.2.234 37.157.2.234	198622 (ADFORM) (ADFORM)
1	185.255.84.152 185.255.84.152	200271 (IGUANE-) (IGUANE-)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 2	52.18.94.124 52.18.94.124	16509 (AMAZON-02) (AMAZON-02)
1	162.19.138.82 162.19.138.82	16276 (OVH) (OVH)
1 2	54.246.170.49 54.246.170.49	16509 (AMAZON-02) (AMAZON-02)
1	34.117.157.22 34.117.157.22	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.93.45.192 54.93.45.192	16509 (AMAZON-02) (AMAZON-02)
1	64.202.112.223 64.202.112.223	22075 (AS-OUTBRAIN) (AS-OUTBRAIN)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	2600:1f18:612... 2600:1f18:612b:4216:fdfc:8841:31a4:a88b	14618 (AMAZON-AES) (AMAZON-AES)
1	23.35.237.75 23.35.237.75	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.30.155.207 52.30.155.207	16509 (AMAZON-02) (AMAZON-02)
1	18.194.63.102 18.194.63.102	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	52.211.18.86 52.211.18.86	16509 (AMAZON-02) (AMAZON-02)
1	18.189.169.214 18.189.169.214	16509 (AMAZON-02) (AMAZON-02)
131	53

34 2a06:98c1:3120::3 (United States)

ASN13335 (CLOUDFLARENET, US)

herfs3vxf.ruiertyuiokjn26.tk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2600:9000:2057:6200:3:a1d:1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

img-ik.cars.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

img.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:21f3:ea00:15:c281:3500:93a1 (United States)

ASN16509 (AMAZON-02, US)

ik.imagekit.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dynamic.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:2638:d::d (France) 4 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2057:a600:18:6c16:27c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

tools.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.107.203.234 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 234.203.107.34.bc.googleusercontent.com

settings.luckyorange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o4504869871026176.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

sslwidget.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:43a (United States)

ASN13335 (CLOUDFLARENET, US)

api.cars.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.cars.co.za	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

c47cc4beca060a508f28cfa16ea9e190.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.171.190 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-171-190.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.141 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.89.210.122 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.30.20.22 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-20-22.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.240.125 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-158-240-125.eu-central-1.compute.amazonaws.com

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.86.139.104 (France)

ASN201081 (SMARTADSERVER, FR)

rtb-csync.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync-t1.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com

criteo-sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.75.62.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.2.234 (Denmark)

ASN198622 (ADFORM, DK)

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.152 (France)

ASN200271 (IGUANE-, FR)

visitor.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

r.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.18.94.124 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-94-124.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.19.138.82 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.246.170.49 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-246-170-49.eu-west-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.117.157.22 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 22.157.117.34.bc.googleusercontent.com

matching.ivitrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.93.45.192 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-45-192.eu-central-1.compute.amazonaws.com

exchange.mediavine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.223 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com

sync.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:fdfc:8841:31a4:a88b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

criteo-partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.35.237.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-75.deploy.static.akamaitechnologies.com

ad.yieldlab.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.155.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-30-155-207.eu-west-1.compute.amazonaws.com

sync-criteo.ads.yieldmo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.63.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-194-63-102.eu-central-1.compute.amazonaws.com

e1.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.211.18.86 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-18-86.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.189.169.214 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-189-169-214.us-east-2.compute.amazonaws.com

s.thebrighttag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
34	ruiertyuiokjn26.tk herfs3vxf.ruiertyuiokjn26.tk	426 KB
13	doubleclick.net 3 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 208 stats.g.doubleclick.net — Cisco Umbrella Rank: 120 cm.g.doubleclick.net — Cisco Umbrella Rank: 242	187 KB
12	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 134 c47cc4beca060a508f28cfa16ea9e190.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 153	821 KB
11	cars.co.za img-ik.cars.co.za api.cars.co.za www.cars.co.za	114 KB
10	criteo.com 4 redirects dynamic.criteo.com — Cisco Umbrella Rank: 3696 gum.criteo.com — Cisco Umbrella Rank: 437 mug.criteo.com — Cisco Umbrella Rank: 2484 sslwidget.criteo.com — Cisco Umbrella Rank: 1845 dis.criteo.com — Cisco Umbrella Rank: 607	33 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 244 secure.adnxs.com — Cisco Umbrella Rank: 458	3 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2709 www.google.com — Cisco Umbrella Rank: 3	2 KB
4	gstatic.com fonts.gstatic.com	62 KB
4	imagekit.io ik.imagekit.io — Cisco Umbrella Rank: 22473	67 KB
3	luckyorange.com tools.luckyorange.com — Cisco Umbrella Rank: 13055 settings.luckyorange.com — Cisco Umbrella Rank: 12986	5 KB
2	360yield.com 1 redirects ad.360yield.com — Cisco Umbrella Rank: 673	876 B
2	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 211	2 KB
2	casalemedia.com 1 redirects r.casalemedia.com — Cisco Umbrella Rank: 1570	2 KB
2	sentry.io o4504869871026176.ingest.sentry.io	465 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 109	239 B
2	google.de www.google.de — Cisco Umbrella Rank: 5791	515 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 166	155 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 59	21 KB
2	youtube.com img.youtube.com — Cisco Umbrella Rank: 3424	129 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 73	179 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 82	2 KB
1	thebrighttag.com s.thebrighttag.com — Cisco Umbrella Rank: 2147	268 B
1	krxd.net beacon.krxd.net — Cisco Umbrella Rank: 639	338 B
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 207	57 KB
1	emxdgt.com e1.emxdgt.com — Cisco Umbrella Rank: 2027	44 B
1	yieldmo.com sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2271	38 B
1	yieldlab.net ad.yieldlab.net — Cisco Umbrella Rank: 4477	400 B
1	tremorhub.com criteo-partners.tremorhub.com — Cisco Umbrella Rank: 2500	399 B
1	pubmatic.com simage2.pubmatic.com — Cisco Umbrella Rank: 788	582 B
1	outbrain.com sync.outbrain.com — Cisco Umbrella Rank: 792	145 B
1	mediavine.com exchange.mediavine.com — Cisco Umbrella Rank: 1261	880 B
1	ivitrack.com matching.ivitrack.com — Cisco Umbrella Rank: 2966	274 B
1	id5-sync.com id5-sync.com — Cisco Umbrella Rank: 439	1 KB
1	omnitagjs.com visitor.omnitagjs.com — Cisco Umbrella Rank: 901	342 B
1	adform.net cm.adform.net — Cisco Umbrella Rank: 1301	162 B
1	yahoo.com ups.analytics.yahoo.com — Cisco Umbrella Rank: 323	125 B
1	3lift.com eb2.3lift.com — Cisco Umbrella Rank: 417	140 B
1	teads.tv criteo-sync.teads.tv — Cisco Umbrella Rank: 2066	163 B
1	taboola.com sync-t1.taboola.com — Cisco Umbrella Rank: 1327	99 B
1	smartadserver.com rtb-csync.smartadserver.com — Cisco Umbrella Rank: 643	114 B
1	sharethrough.com match.sharethrough.com — Cisco Umbrella Rank: 588	365 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 388	239 B
1	media.net contextual.media.net — Cisco Umbrella Rank: 634	793 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 355	146 B
131	44

	Domain	Requested by
34	herfs3vxf.ruiertyuiokjn26.tk	herfs3vxf.ruiertyuiokjn26.tk
9	img-ik.cars.co.za	herfs3vxf.ruiertyuiokjn26.tk
9	securepubads.g.doubleclick.net	1 redirects herfs3vxf.ruiertyuiokjn26.tk securepubads.g.doubleclick.net www.googletagservices.com
6	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
5	pagead2.googlesyndication.com	herfs3vxf.ruiertyuiokjn26.tk tpc.googlesyndication.com www.googletagservices.com
5	gum.criteo.com	4 redirects dynamic.criteo.com
4	fonts.gstatic.com	fonts.googleapis.com
4	ik.imagekit.io	herfs3vxf.ruiertyuiokjn26.tk
2	ad.360yield.com	1 redirects
2	dpm.demdex.net	1 redirects
2	r.casalemedia.com	1 redirects
2	secure.adnxs.com	1 redirects
2	ib.adnxs.com	2 redirects
2	dis.criteo.com
2	cm.g.doubleclick.net	2 redirects
2	o4504869871026176.ingest.sentry.io	herfs3vxf.ruiertyuiokjn26.tk
2	www.facebook.com	herfs3vxf.ruiertyuiokjn26.tk
2	settings.luckyorange.com	tools.luckyorange.com
2	www.google.com	herfs3vxf.ruiertyuiokjn26.tk tpc.googlesyndication.com
2	www.google.de	herfs3vxf.ruiertyuiokjn26.tk
2	region1.analytics.google.com	www.googletagmanager.com
2	stats.g.doubleclick.net	www.google-analytics.com www.googletagmanager.com
2	connect.facebook.net	www.googletagmanager.com connect.facebook.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	img.youtube.com	herfs3vxf.ruiertyuiokjn26.tk
2	www.googletagmanager.com	herfs3vxf.ruiertyuiokjn26.tk www.googletagmanager.com
2	fonts.googleapis.com	herfs3vxf.ruiertyuiokjn26.tk
1	s.thebrighttag.com
1	beacon.krxd.net
1	www.cars.co.za
1	www.googletagservices.com	securepubads.g.doubleclick.net
1	e1.emxdgt.com
1	sync-criteo.ads.yieldmo.com
1	ad.yieldlab.net
1	criteo-partners.tremorhub.com
1	simage2.pubmatic.com
1	sync.outbrain.com
1	exchange.mediavine.com
1	matching.ivitrack.com
1	id5-sync.com
1	visitor.omnitagjs.com
1	cm.adform.net
1	ups.analytics.yahoo.com
1	eb2.3lift.com
1	criteo-sync.teads.tv
1	sync-t1.taboola.com
1	rtb-csync.smartadserver.com
1	match.sharethrough.com
1	pixel.rubiconproject.com
1	contextual.media.net
1	x.bidswitch.net
1	c47cc4beca060a508f28cfa16ea9e190.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	api.cars.co.za	herfs3vxf.ruiertyuiokjn26.tk
1	sslwidget.criteo.com	dynamic.criteo.com
1	mug.criteo.com	herfs3vxf.ruiertyuiokjn26.tk
1	tools.luckyorange.com	www.googletagmanager.com
1	dynamic.criteo.com	www.googletagmanager.com
131	57

This site contains links to these domains. Also see Links.

Domain
adclick.g.doubleclick.net
hdfjklkjhgfyu658.tk
www.sacoronavirus.co.za
about.cars.co.za
forms.gle
www.sentimetal.shop
bit.ly
apple.co
appgallery.huawei.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.tiktok.com
iabsa.net

Subject Issuer	Validity	Valid
ruiertyuiokjn26.tk E1	`2023-07-25` - `2023-10-23`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
img-ik.cars.co.za Amazon RSA 2048 M02	`2023-02-24` - `2023-10-07`	7 months	crt.sh
*.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
*.imagekit.io Amazon RSA 2048 M01	`2023-02-22` - `2024-03-22`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-19` - `2023-10-18`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-05-03` - `2023-08-01`	3 months	crt.sh
luckyorange.com Amazon RSA 2048 M01	`2023-02-27` - `2024-01-16`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh
settings.luckyorange.com R3	`2023-06-21` - `2023-09-19`	3 months	crt.sh
ingest.sentry.io DigiCert TLS RSA SHA256 2020 CA1	`2022-07-28` - `2023-08-28`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.media.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-18`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2023-03-05` - `2024-04-03`	a year	crt.sh
*.sharethrough.com Amazon RSA 2048 M01	`2023-06-14` - `2024-07-12`	a year	crt.sh
*.smartadserver.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-21` - `2024-01-23`	a year	crt.sh
*.taboola.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-08` - `2023-12-31`	a year	crt.sh
teads.tv R3	`2023-06-26` - `2023-09-24`	3 months	crt.sh
*.3lift.com Amazon RSA 2048 M02	`2023-04-13` - `2024-05-11`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2023-07-18` - `2024-01-10`	6 months	crt.sh
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-25` - `2024-06-18`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2023-06-23` - `2024-07-22`	a year	crt.sh
*.id5-sync.com R3	`2023-07-04` - `2023-10-02`	3 months	crt.sh
itm.ivitrack.com R3	`2023-06-03` - `2023-09-01`	3 months	crt.sh
exchange.mediavine.com Amazon RSA 2048 M02	`2023-06-06` - `2024-07-04`	a year	crt.sh
*.outbrain.com Thawte RSA CA 2018	`2022-11-06` - `2023-11-28`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2023-04-20` - `2024-05-20`	a year	crt.sh
*.tremorhub.com Amazon RSA 2048 M01	`2023-02-22` - `2024-03-23`	a year	crt.sh
*.yieldlab.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-16` - `2023-11-15`	a year	crt.sh
*.ads.yieldmo.com Amazon RSA 2048 M01	`2023-04-04` - `2024-05-02`	a year	crt.sh
*.emxdgt.com Amazon RSA 2048 M01	`2023-05-03` - `2024-05-31`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-07-03` - `2023-09-25`	3 months	crt.sh

This page contains 8 frames:

Primary Page: https://herfs3vxf.ruiertyuiokjn26.tk/
Frame ID: 36A914552B632E84DEAB50CAA602AADC
Requests: 88 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=herfs3vxf.ruiertyuiokjn26.tk&origin=onetag
Frame ID: 46603A9EB3D483A60A113C5F32477225
Requests: 2 HTTP requests in this frame

Frame: https://c47cc4beca060a508f28cfa16ea9e190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F0705CD09DF38B3DD9BDC7F65B105DD3
Requests: 1 HTTP requests in this frame

Frame: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-4JxesJpBeJINCzcybtD3uQGoCmKda7gKYWffMg&expires=30
Frame ID: 69CC8EACB303B69822E36B25022B63FE
Requests: 28 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv56bmpNoX4FRtaARO2KZDnvy2jwUjYDrogQQycmnoBo4FWcnGE44KEzud3_OZ8jIzaaFFuu9tsluXndSyNfdrTQ-XKGBQAykVS4-tp5sFNcKdTh3M1qWBXy5aYKmCY2Q16yqYOOD1vl5o15gjJXAaegH5OejYb9TW8OXEPnyC-P8T53zrV7PkchGJX2JpdSAzvkKlOvGMmy2_iT7cEuOl7n4a00KPWdCafB2aBi976ZWYioucufa7wpkCZeVOd3JVXawMAi9O3-XAPyzsohkbAVaEreuIuq6Ud9nrdCyDGiJGPxufxZhEZBslHjiyzvLge1xaAE1Y611gUyGjVXXXOw8C2w42w6DLp&sai=AMfl-YQS1WZiF0dbYnQS2MQxFW0ZBAVCDSfdGh7ihp8czZCTl442BujwvKM7MIs203O_Ww-4M8wX6E-pz9jdUSfb5mpdX3uSRNT-l2szjcTCeyLdBUq5moxbUC6YT-l_YpOObhzE8Z6FZcsMlr2SqQvG&sig=Cg0ArKJSzMmEaLVDO3AYEAE&uach_m=[UACH]&adurl=
Frame ID: E485380689CD365AF3EE79DB2399597A
Requests: 7 HTTP requests in this frame

Frame: data://truncated
Frame ID: 8669D966CF4490DACD8A3CC78B83877D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 5E603703392F216B46F77C0485FACF92
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6B6B13F3BE53A8AC930914F5933DC9F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cars for Sale in South Africa, Buy new & used - Cars.co.za

Detected technologies

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

131
Requests

92 %
HTTPS

43 %
IPv6

44
Domains

57
Subdomains

53
IPs

9
Countries

2268 kB
Transfer

4524 kB
Size

43
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://adclick.g.doubleclick.net/pcs/click?xai=AKAOjsuybw6PsGObKByq-AnJ5Q-MvbdsdAaaHWHiY-kiXCn6jJAdfvrQAlJVzzTFJMm8alHMwhpF1dsRfPpeY5E9YVMFksTrcrywkQ9GxpQu9CdV4HxNJn09UiqdePjUZ3kb92in6BMbNL5JUDAnBBl7GS-CqzMBZRxY5p3VhLObdD48g4BLTlQVVcF02bW1TVNT5SOfg6j4yFL1rdbK5YoTAscRptW3aW47yI0e_hnzRp8Ei6U8WkoKiiuBXMBZHhKgmAqTySjbp1PzhSIlJ41giRc4JqmmpIMUPblDByZlLrSncFUzngknxS5X_r9v0m6j700aE3hoShI5s_GZ_6MdvIoCgxg&sai=AMfl-YS9kd9Y0i0-F6r6BCF4AN1XfLE-ZfkcP8gK-XAqMqOGouIfHeq0aekte2K9jVbGain2ronz6Kp1h6dOP_1kfSUCw-ADI8IDLHYhrWsf6EqqI4i3QfmxjQSlCenVv-Fm6JuLrCjXUxjJX-dyuu4&sig=Cg0ArKJSzBJ-VJGtedI4EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&adurl=https://www.kia.co.za/promotion/seltos-deal?utm_source=cars&utm_medium=seltos50k

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/?new_or_used=New
Title: New Car Search

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/buyers-guide/
Title: New Cars Buyer's Guide

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/new-car-specials/
Title: See all

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/new-car-specials/Haval-Jolion-special/3840/
Title: Make the Jolion HEV part of your family with up to R26,000 deal assistance.The Jolion is a sensation everywhere.View special

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/new-car-specials/Mercedes-Benz-Sprinter-special/4117/
Title: Let's move Mzansi. Woza nawe. from R24,299 p/m*Move your business forward as you carry Mzansi. Get the Mercedes-Benz Sprinter Inkanyezi with financing that works for you, now available with no deposit and at a fixed interest rate.View special

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/new-car-specials/Kia-Sonet-special/3869/
Title: New Kia Sonet from R5,499 p/m with no depositWith a fuel-efficient vehicle like the Sonet, you can go on all kinds of inspiring journeys without feeling it too much. |Term 72 months | Interest rate 12,33% |View special

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/new-car-specials/MINI-Hatch-SE-special/4113/
Title: The MINI ELECTRIC from only R10,499 p/m*.The all-electric MINI is every bit the original iconic MINI, but powered for the roads of tomorrow.View special

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/newcars/
Title: View new car specs

Search URL Search Domain Scan URL

URL: https://www.sacoronavirus.co.za/
Title: www.sacoronavirus.co.za

Search URL Search Domain Scan URL

URL: https://about.cars.co.za/
Title: About us

Search URL Search Domain Scan URL

URL: https://about.cars.co.za/careers/
Title: Careers We're hiring

Search URL Search Domain Scan URL

URL: https://forms.gle/rDkoWTtz7bm9Dw8E9
Title: Submit an idea

Search URL Search Domain Scan URL

URL: https://forms.gle/CpZpas9aeqxbtA72A
Title: Report a bug

Search URL Search Domain Scan URL

URL: https://www.sentimetal.shop/
Title: Sentimetal Shop

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Cheap-cars/
Title: Cheap used cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Volkswagen/
Title: VW used cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/BMW/
Title: BMW used cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Toyota/
Title: Toyota used cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Gauteng/
Title: Gauteng used cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Western-Cape/
Title: Western Cape used cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Fuel-efficient-cars/
Title: Fuel efficient cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Automatic-cars/
Title: Automatic cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Electric-cars/
Title: Electric cars

Search URL Search Domain Scan URL

URL: https://hdfjklkjhgfyu658.tk/usedcars/Hybrid-cars/
Title: Hybrid cars

Search URL Search Domain Scan URL

URL: https://bit.ly/2PaHe7a

Search URL Search Domain Scan URL

URL: https://apple.co/2PAEscp

Search URL Search Domain Scan URL

URL: https://appgallery.huawei.com/app/C100880073

Search URL Search Domain Scan URL

URL: https://www.facebook.com/CarsSA/

Search URL Search Domain Scan URL

URL: https://twitter.com/CarsSouthAfrica?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor

Search URL Search Domain Scan URL

URL: https://www.instagram.com/carssouthafrica/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCB-mfYAd3oJLEkoMxjRAxbg

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@carssouthafrica

Search URL Search Domain Scan URL

URL: https://iabsa.net/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://gum.criteo.com/sid/json?origin=onetag&domain=ruiertyuiokjn26.tk&sn=ChromeSyncframe&so=0&topUrl=herfs3vxf.ruiertyuiokjn26.tk&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
https://mug.criteo.com/sid?cpp=PzFAiXw4V2E4Y21SVXcrQW0yQjhQVTc2UWxJVzF6Um1ZWm5oRlB4RVU3bkgzVk42NDhHaUhIWUtvY1lzUXdZS1dDRUJoSXhic1ZpaUtEd0R0TzR1Nnl0T2w1UHpMZlpDZTkwQlpuL1BlTGVVZE1jM1pMWE1zZWxoUVRMNWpCNk1VWjY3TUhaeFhuZmRrZ210d01SZUhabkQ3M3hvcFR2RG42Z09ySUZ6dFBFYmNBcUsrclNtYWVzam1NQ3VtTGF0OElUZE5EWVhJNlo5Ymc0Y29tQnRld1ZCQXJlbk9OTXpZcEFvSHMrSjUzTTZGQjV5RjUrL0NJbSsrMmVPR29IQ0JoejJhQzU2SHQrSWFoR05tQVdPaWtxWVd2Z1p2ZDZ4eHhVU2RLSEd0dVNveVF1Yz18&cppv=2

Request Chain 79

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GIUxLJpBeJINCzcybtD3uQGoCmLbphK-dOvYRQ&google_cm&google_hm=ay1HSVV4TEpwQmVKSU5DemN5YnREM3VRR29DbUxicGhLLWRPdllSUQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-GIUxLJpBeJINCzcybtD3uQGoCmLbphK-dOvYRQ&google_cm=&google_hm=ay1HSVV4TEpwQmVKSU5DemN5YnREM3VRR29DbUxicGhLLWRPdllSUQ&google_tc= HTTP 302
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GIUxLJpBeJINCzcybtD3uQGoCmLbphK-dOvYRQ&google_gid=CAESEK4UJe506K-URszlS35Tyb0&google_cver=1&google_ula=913071,0

Request Chain 80

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6713900658213081969

Request Chain 81

https://secure.adnxs.com/setuid?entity=52&code=k-E3j315pBeJINCzcybtD3uQGoCmJYZGHWN62j2A HTTP 307
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-E3j315pBeJINCzcybtD3uQGoCmJYZGHWN62j2A

Request Chain 92

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hxgzE5pBeJINCzcybtD3uQGoCmK8IxuNM81H5g HTTP 302
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hxgzE5pBeJINCzcybtD3uQGoCmK8IxuNM81H5g&C=1

Request Chain 93

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP 302
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=z9bD5RYgKSZ5blxHQOoFDypfoDdaRaV5 HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=z9bD5RYgKSZ5blxHQOoFDypfoDdaRaV5

Request Chain 95

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-JkFM5ppBeJINCzcybtD3uQGoCmKxsevSIsxFtw HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JkFM5ppBeJINCzcybtD3uQGoCmKxsevSIsxFtw

Request Chain 118

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv695V_jUUgpkH6xa9v6DkdFE483LDf1HsHSNFl56TWeFX5RQWuoUn9Fnx_kZTlkFqTMA9F3PoB42o6jyKd1UoVGKPDZOgLxkfG4PBQqsFZLtoYiq0GNQ93kVbTB7u2DRQrUFqmSRK0e84p3cr8YaGN8Q-RcPmQbZ_F5_9OAc7RqbP6Z4KBVF-T66ClWuvK4P4UJ_rmzNmfD6ZG3vQZJunpZxbYBT1kI6H-dJx6lLTTaWCZUQe9QJR67xsupZEw8T9bHk5Rz3d6Y5WHJzfdZcRQcJVvGqlTraQMv3cYI2gJ5xlDPW0FpdTAx0EeggZEqK5hqrR_008kZFlvMB2kQ1a9bmuj4xAzfM0&sai=AMfl-YRsNjonZwaheOW2BkKuTS-WLmsgNjtarAS7USWg745FAJ7aFuMx2yp31qCxtzzofEy4vN5fsbK9gGIedNPHihZJCtF41grAczPkYw9Xfa1W2X4GZ6NUwD2eDo6Ms1cSkKFoIzcQqY195zCdp3g&sig=Cg0ArKJSzDmDAb99az3-EAE&uach_m=[UACH]&urlfix=1&adurl=https://www.cars.co.za/images/blank.gif HTTP 302
https://www.cars.co.za/images/blank.gif

Request Chain 121

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=sYAtNnIiMmMMNwPsCCBel8-S5XD-nucO

Request Chain 127

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP 302
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=RLNVs04j86jSvFRGYBAxpI_saDwCsBRf

131 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
herfs3vxf.ruiertyuiokjn26.tk/ 178 KB
47 KB 625ms
547ms Document
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Next.js
Resource Hash: 7fe70eb0e3fc3e35c9a1873ea07e136d49f4043e6e6619a18fa1cb526192a65c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin: *
age: 173
alt-svc: h3=":443"; ma=86400
cache-control: public, s-maxage=300, max-age=1, stale-if-error=600
cf-cache-status: DYNAMIC
cf-ray: 7ec31d0cbc50bb55-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Tue, 25 Jul 2023 08:43:08 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RxQ6%2F1lxRl1KSSLi8AaKucU3e85i2YKQ2WYJJVX180RUhsh8Zoun3E5wBBlnZm4D%2B3WlyB%2FBD90unRPXvYmWss0ZiJOmbkirfHyor1q%2Blmc3NJ28KstGBSasuk%2FFCKB3Nx950F3Q%2FAWsPe38AGZH%2BZs7AcquRlvmB543"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-powered-by: Next.js

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 80 KB
27 KB 128ms
75ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa3d86e8e6e5577fdeabe0c790790c7e974356cb2712c8117ffc63c64e897121

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27612
x-xss-protection: 0
server: cafe
etag: 970 / 19563 / m202307180101 / config-hash: 14308175188880485398
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:43:08 GMT

GET
H2 200 b100f76ddccdf424.css
herfs3vxf.ruiertyuiokjn26.tk/_next/static/css/ 94 KB
22 KB 976ms
975ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/css/b100f76ddccdf424.css
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: fe1d79cdeb52b9d850b766704955a0c174cc17b00880b9127d780e7f77830e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=96243
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"177f3-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FRxrXVPAYA9z%2FZzJ116%2BMoVu1CD85%2B%2FmKrwyvIYWY%2BG8U%2BXMgydn1Vm9GGAqVR7wIf43P0nNEpuruDy0gofKJD5G6ZkXVmV7E5DxYu%2FrR8YvHE6E9hKiMIwdcz5lQhR%2BkKAVpiH%2FcywwCZZouiRNsLK4pRdpmJRq8Lad"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d10289cbb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 64cc8dab97f72eae.css
herfs3vxf.ruiertyuiokjn26.tk/_next/static/css/ 28 KB
6 KB 626ms
625ms Stylesheet
text/css 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/css/64cc8dab97f72eae.css
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c4b5d7b7a17d6784c99098d6068be8b544ec01c03e9b3bc20a81d938cf65fba0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=29227
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:16:10 GMT
cf-bgj: minify
server: cloudflare
etag: W/"722b-18876074d10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b3W1X%2BsmVmnaOX5wuKdrX5hqwMppVLco7Lm0FAQ2AYZep6ZrUx0IujVKfqfz75jVD%2BoJ7961NR9hJuLf%2FN7%2FpLxnEqvOGNowCcG%2F9nHLNvnJFLbkqex8DGb22La16LS52ufk5AgEyTMV7Z0ZqH5bw17hUcJCrLgdk2wa"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d10289dbb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 webpack-a7128a06baa81db0.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 7 KB
4 KB 534ms
532ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/webpack-a7128a06baa81db0.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 1c0f3d5b4152b13b8340caec2936e65369e33a1b3f27bb3b854bc16b2c99a6a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7654
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1de6-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0YDMiRLeXTzb0AJ%2FM2h7HtDWGlF8Wv36U5jYioXcnd2h23TOexFIbCsOxjuc6B%2BuyMZeakE%2BA9vHHcFuDOgUuiUOqt4%2BDvQ83tA0K%2BsUBtykTrjo5jOiu%2BLqVC%2FcIZMtQwOwO0PImli5vgZynnodF3Opi%2BbV3Wjgl57N"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048c5bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 framework-d583295f3144c491.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 137 KB
47 KB 640ms
637ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/framework-d583295f3144c491.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c01d27a9d09486021e5af41eda8d7adc11f1e2d0f6f975f3baecdd0a375e0213

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=141130
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:16:10 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2274a-18876074d10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XmgRSa7mib10GyE5uZLUXAFfHncGQWryLtHFKxTVdQuuTwgwscUtwkxbTVJ6kK1Sk7Cop8SaMF1j%2FgA4Q67yfbG6bz60CI%2FgRjmLnOSYN60aGyN%2BFSMVGpSOkQgy3wPtPyn%2BDnTseQmoBdg5XGhRSarr8gIh9%2FRAwKZv"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048ccbb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 main-eb475addadb44b60.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 88 KB
29 KB 659ms
656ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4fbad2230d9711938a4d41137a22a818cbedc33ed4e118f68b4853f523b99e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=89830
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 01 Jun 2023 08:16:10 GMT
cf-bgj: minify
server: cloudflare
etag: W/"15ee6-18876074d10"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rUl%2F1L%2Fz%2FLkiA76wZ5QHmN7bFXPaiYHT9hUgRkPWwh4jyijY4YgyFsmCWKIZKC9aAyZCd98QhTf2ykgTa7dZJOk8B%2FG9zgbAtkeoRB5vi7dFh4nBQvxsmO3jgM3cTWT3nlHA4%2BD%2FSz1RdO2vrlpMTRbowDO142wcpAPn"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048cebb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 _app-c8c4214d0669ff5d.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/ 555 KB
185 KB 655ms
652ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/_app-c8c4214d0669ff5d.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c9c052df45b7a09302d9d8ca572b2ca290bdeec12a8f540f5a4d16f725fd0e97

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=569426
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"8b052-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0y7TCCpAztJ%2F9K01%2FAsZpAMb6NCClluDQT2tasvMxx9nxB0zoso2jPaXpoRVFq%2B1aDF7jfT2%2FZ7Ivy%2FfmG4W2PefYx4lqeu0MY6%2B4mMO1WFId8YFmsh6nFS4nFAaEPjt3mkWzmUewYqkQtdsxI6HFmr6XosaVnkqhT7r"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048d0bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 5570-68b5c36749c6de23.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 9 KB
5 KB 537ms
534ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/5570-68b5c36749c6de23.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 8b507b4a643776d79f3018fd42f7d1568d22c45ee40b714d5178b5ec3a464bb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9304
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 06 Jul 2023 13:25:12 GMT
cf-bgj: minify
server: cloudflare
etag: W/"2458-1892b60cec0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NFD4rEV65Giq%2B0tp%2FBS8zVEu4yWniIneOzY4aJ6ZShEySqcrReWdhcyfV1CeJKvlpVo0ho2VUHBsZuZCJ8t8iMVBaFXbXAltWPJSiCrWKr9jtxPEN1msH5lHKwg1c%2FNuIDpKxd7HnH8WcYdWWk44yXM1ONqGTHU6mh2p"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048d3bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 8301-75ec89c47c15c7b7.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 10 KB
4 KB 1521ms
1518ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/8301-75ec89c47c15c7b7.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4334fcd87e9db1953b7d51fbe2af7b3c7caab98611d881e24359edf3fe3968fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=9855
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"267f-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gT2JhkNe3WKYDHdL0nDaphDz9dNj26RnV%2BJaz6xXS5GTonVQqiHTvLZuw0rEsIX%2BtcKzFCsxB2yePUq%2BD6m4%2FHeYmwkefESnLrC6Ayi3OUX%2FDWGCMWZdPR87%2BDxaPm%2F24fltIBXf6osF8Ze5GW877f9OvKomgzCEasdb"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048d4bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 4546-277a32705ff188ac.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 106 KB
33 KB 652ms
649ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/4546-277a32705ff188ac.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 4ee827bb1d5595ad216f133facfce759e16865a16f25c683e20377378cb795cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=108804
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1a904-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=52XZ720lMadYDr65%2Bbh1WvIFV%2F96p46Fh1j86uJSzPq%2FVbNSmjgQ0%2BNe7wlW5KQtUEtpgROa2YTpE%2BP2LGYeZqMlZRW2jSMt9j438YXh3ilHa6zpgsPjHWSv7AtQ%2FbJCaRKBrvE3UM6SSNd0%2B18jvB7NwyxGVGsxeZHW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048d5bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 8780-c93d78f12ba4d970.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 8 KB
3 KB 851ms
849ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/8780-c93d78f12ba4d970.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: d8c16e364660fcd868c4760593f181e103b68dc4d9cd9b9654dd080cee0d3dda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=7736
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"1e38-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZV%2BmQO%2B9brgGRp112T%2FHwfV78p2VUwFAdNtkpYaG6IP7Z%2BCdfOsZvA8Gz3MLfdwHCCPIskz5s1U%2BqO3HNMYrnltTLznR8TvZOL20aA%2BSmMq8CH0C0%2Bm1YLBy1zMbX5rEGOBS%2BgN7q%2F2TL4W2gqdreD1bVCMruRConJx7"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048d7bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 7383-a3fd07c7526787ed.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 21 KB
8 KB 963ms
961ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/7383-a3fd07c7526787ed.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 50f6530f62f596ae21a01cbd7969aca135fa3fa82ac58d6c655e6531abbdaf40

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=21939
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"55b3-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LS11fxXVHKqkaPS2%2BL%2B79NmpXdJih3B6pdgUApHGSlELVse6wt0cz6nbfaoQtsrytmbk4JcPcVyHlPcXMxa%2BZsceakHDBZLA6j5nxzg5JdvLkHFN3t%2FC%2FeSlJdFhdyla%2F%2F1xEatZeVDfimtugyn8uAbntyB%2FlJxnDST6"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048d9bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 1048-d8e22bb65313230e.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 15 KB
6 KB 555ms
553ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/1048-d8e22bb65313230e.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: c557b8155e4f464d1b574d531e10f0c414dd9d937f439b2737203475dd789de0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=14926
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"3a4e-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h6k5KM1wFvEZ1lT7OUqzvfqGGXsi1zstvYvlwgmf125Ph8XsLp9yCaIuLGWcfkndIcFOyItUxubJEm74nGx9GZPopdo5pgUI1CKUSwqRXl2plYURJX68PB3cXXjn5J5KHneKdCVNb3ybeC7Eda8%2BGB%2FdLCOKi9F3Rt51"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048dabb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 9604-e9ae33ae27cb6ec8.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 24 KB
10 KB 652ms
650ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/9604-e9ae33ae27cb6ec8.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 48ae39501369e0d90535fa0b7b98c02af384903c5ad9c1f6b3e35cd57ad97166

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=24551
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"5fe7-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PqbsqtxjageByW1pR0nv6x6BrhKr596KwnYFKyjNgBvHQTJLSrSTuJlCpKsMSEzo0f%2FPR7YiYipWgX7ipusvy7dgFCuo3eS%2Bb%2F3oMb0xZr09Th0E3I9hpORsOqw7fBtHc4arCpMwVOAYCRw0AG05dlrXIsNu3rfjDIph"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048dbbb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 3861-5496fca8d906a170.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 29 KB
10 KB 634ms
632ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/3861-5496fca8d906a170.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 40e44938be76d56247b2c127c3d39fdb2cb4158edfaea69b7b72db0dd8acc7ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=30139
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"75bb-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hC7xvTuUfC%2FRLkCQqn867VDgmQkoTV5OWSRLgWfLq%2F4QSiLBJFTt4psEdXlLtHeZoXJMEy6V38ueQClYVbRBAjp35%2ByoT5GKW6BcpkpQEJyNEJ0dGRfGVNI9dx9MVPmmehNCoUqfpgOuuMaAUSYRmyqBT%2BuMXCxD%2F9%2FN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048ddbb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 index-5a3a60a16bbf54e9.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/ 3 KB
2 KB 539ms
537ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/index-5a3a60a16bbf54e9.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 2b1ee1dba0f95bc17c16754bb7ed7f74525d5960f8cc92fff75a7065f508a826

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origSize=2702
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"a8e-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SJkPQ5WSylWzgqR1OfunYoCRPtT1hg41pGx5LtnGYAfjjRH2MWOmCv%2BN3CjA9LJZhZJFWnLTSvvOkjDEBocJ9EIcLADSTcAIthUIW0%2BdhwdqXXeMAvffSshg7KRXwIAsGEpDdI1gm5TGQ20IXBvIHhFBJAGkb2sAfUz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048dfbb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 _buildManifest.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/cPlFhaRoLY-1sSpiMJUTt/ 10 KB
4 KB 536ms
534ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/cPlFhaRoLY-1sSpiMJUTt/_buildManifest.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6445f220d0effc8f5dd8ea35f18fb94e31ac39a881a736ae52498248c9008d68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"29bf-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=STSI1f48zdoPP5V44CvWXjp3aJbN1EHyt8QdGFzruJQOGKT3r9kM4TiuGc4cJQAFGqvlQsLurlAnQrl%2BKugz%2BIwoXyg5hqSFhFf4o%2FcYuVUk1Vwtbj2gJNZZVyol26i%2Fpjhmt0REfCppucR6T%2FN%2FJf54FIiBT%2FG%2Bah2I"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048e2bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 _ssgManifest.js Show response
herfs3vxf.ruiertyuiokjn26.tk/_next/static/cPlFhaRoLY-1sSpiMJUTt/ 77 B
369 B 533ms
531ms Script
application/javascript 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/cPlFhaRoLY-1sSpiMJUTt/_ssgManifest.js
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-powered-by: Express
alt-svc: h3=":443"; ma=86400
last-modified: Tue, 25 Jul 2023 08:11:01 GMT
cf-bgj: minify
server: cloudflare
etag: W/"4d-1898c19fe08"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Gm6GpZp8W0vPnjsNH9%2BmVau9SsunXAMpzGH9XOZpQrwkld%2B4rB2Nus2o9RghM4C0he6MdHUxZu4MBcA4q5O1SxYwFDRrHjZbuHvkjg63TFfNN0g4zjjU2o0%2BkifrI3ZI%2FwZIMsVUGbMdKwnDxIOB%2Bkka8OlBaVhZRyH"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
cf-ray: 7ec31d1048e5bb55-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
1 KB 81ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 08:24:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 08:43:08 GMT

GET
H2 200 css2
fonts.googleapis.com/ 7 KB
816 B 82ms
29ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec1217100dbf844f59e6cd80e46fae7878a2a853c625e847742bb6a9c031bf80

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 08:32:43 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 25 Jul 2023 08:43:08 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 281 KB
93 KB 104ms
54ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PGKNJW

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

66d8fefd9ed26f0d7be3d34449396d643c32e251ad52a001ce5956b980a37d47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94681
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Jul 2023 08:43:08 GMT

GET
H2 200 Ford-Everest-vs-Toyota-Fortuner.jpg
img-ik.cars.co.za/news-site-za/images/2023/06/ 9 KB
9 KB 127ms
23ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/06/Ford-Everest-vs-Toyota-Fortuner.jpg?tr=h-120%2Cw-179
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 245897f8383100d06968286edcab6894eef808a5d8890601a536481ad43b82e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 12:05:16 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 74272
x-cache: Hit from cloudfront
content-length: 8990
x-request-id: 5064deaf-87aa-4aba-9ae0-ba45da5e7d2e
last-modified: Wed, 14 Jun 2023 05:01:30 GMT
etag: "261195d72586724a14d1b76e78cc5ca2"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: OMcup5O8eu6NK90VDs3vW2byjTMS-0nd3OTc8II4szYO0CAQiCOK5w==

GET
H2 200 sddefault.jpg
img.youtube.com/vi/-jVVcxH--Tk/ 64 KB
65 KB 97ms
21ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/-jVVcxH--Tk/sddefault.jpg

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7120573894b7a8c5e1b5145c8bb632e3c34cb1904c6878a045c101a736ec9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:38:11 GMT
x-content-type-options: nosniff
age: 297
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65813
x-xss-protection: 0
server: sffe
etag: "1689935736"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 25 Jul 2023 10:38:11 GMT

GET
H2 200 placeholder_X_yjjaToMNm.jpg
ik.imagekit.io/carscoza/ 772 B
1 KB 116ms
21ms Image
image/webp 2600:9000:21f3:ea00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/carscoza/placeholder_X_yjjaToMNm.jpg?tr=
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 1af9b0fc21168f65f7c5989d9cd824ebf0c13ac0f8699ba7d1527944d2243f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 01:20:49 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 26539
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 772
x-request-id: d3064f92-9f0b-4906-a593-3738fd9d66df
last-modified: Wed, 26 Apr 2023 06:54:25 GMT
etag: "ecaba369bacaa801736f79d275cb648c"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: eHb3SlwVhTMmeYi0h_V1DgdwbJjZ6xO5I9JZUPD7Lcl77oE-ST2poA==

GET
H2 200 placeholder_X_yjjaToMNm.jpg
ik.imagekit.io/carscoza/ 632 B
1 KB 93ms
22ms Image
image/webp 2600:9000:21f3:ea00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/carscoza/placeholder_X_yjjaToMNm.jpg?tr=h-134%2Cw-200
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4f5662e843ed82b9d4a3e95c404b55eaf3366e371559c1a842817428fc9477d2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 03:59:03 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 621845
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 632
x-request-id: 0b00834f-c02f-4acf-9a96-115980ff482e
last-modified: Mon, 22 May 2023 11:19:42 GMT
etag: "4ffb9b4f654cd3a87727473374b20370"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: nncX8aJnoCvF_Qv5W_68t0LUjyfYTzCOWNGWk1oor7N66Uvwu9LsCQ==

GET
H2 200 ld.js Show response
dynamic.criteo.com/js/ld/ 45 KB
19 KB 144ms
71ms Script
application/javascript 2a02:2638:3::e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.criteo.com/js/ld/ld.js?a=77642

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGKNJW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

398633ade6c5cd957462b254ff92c08100b248c12fe9ce26492c056d9a04b02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; preload;
server: Kestrel
vary: Origin, Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public,max-age=10800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *

GET
H2 200 placeholder_X_yjjaToMNm.jpg
ik.imagekit.io/carscoza/ 728 B
1 KB 66ms
23ms Image
image/webp 2600:9000:21f3:ea00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/carscoza/placeholder_X_yjjaToMNm.jpg?tr=h-145%2Cw-240
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8ccef47b66e8f2188900566d6bbe024b9724351d427cc56e7936b010bd7d7c30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 16 Jul 2023 14:16:37 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 757591
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 728
x-request-id: 88ee9f29-a288-45dc-9c99-2e4f51ff5684
last-modified: Thu, 13 Apr 2023 14:24:16 GMT
etag: "9840a56155f56b89f9bd7905675010ac"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: MED1enf_TkpZbeFizevsDEV52nuUwCRBoaVJTgiloaU4aj4Jx7dAoA==

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 4660 15 KB
6 KB 128ms
37ms Document
text/html 2a02:2638:d::d
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=herfs3vxf.ruiertyuiokjn26.tk&origin=onetag

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=77642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: private, max-age=3600
content-encoding: gzip
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:43:07 GMT
server: Kestrel
server-processing-duration-in-ticks: 303427
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 iab-logo.png
herfs3vxf.ruiertyuiokjn26.tk/cars-images/footer/ 2 KB
3 KB 875ms
875ms Image
image/webp 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://herfs3vxf.ruiertyuiokjn26.tk/cars-images/footer/iab-logo.png
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / Express
Resource Hash: b6c57887f313487ae3e9f8be4f2f6c46dc6c8872784e7ed7055943ab5822f549

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-polished: origFmt=png, origSize=4154
surrogate-control: max-age=300
x-powered-by: Express
content-disposition: inline; filename="iab-logo.webp"
alt-svc: h3=":443"; ma=86400
content-length: 2320
surrogate-key: static-image
last-modified: Tue, 25 Jul 2023 08:08:37 GMT
cf-bgj: imgq:85,h2pri
server: cloudflare
etag: W/"103a-1898c17cb88"
vary: Accept, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bxHkuN9os%2FgvKie4auDEbtg4gO1vH5PqrwJSaXoqZPWdqCgx3WhWMJMimVJ2tOSD1Az72y5UYIcYFeGdiWO2G3Nh9inh1JEyrFCP7%2BaqIss6orO%2Fr0nOPTppeijszoHJcTXFmCL%2BWO%2BiWmYqLFjBEqQk%2B%2BM%2FZl95ktS1"}],"group":"cf-nel","max_age":604800}
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=604800, s-max-age=604800
accept-ranges: bytes
cf-ray: 7ec31d1268a06945-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGKNJW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Jul 2023 08:35:19 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 469
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 25 Jul 2023 10:35:19 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 171 KB
47 KB 68ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGKNJW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jul 2023 08:43:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 46993
x-xss-protection: 0
pragma: public
x-fb-debug: utzIvxNpbSDaJxS62k0y3oGiKACdKVLT26dNslDAq7XBT7+iNOdog38r/ssl95yX6gPwybqlcxtZSlofHZN/hQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 lo.js Show response
tools.luckyorange.com/core/ 12 KB
5 KB 124ms
22ms Script
text/javascript 2600:9000:2057:a600:18:6c16:27c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tools.luckyorange.com/core/lo.js?site-id=fbcde818
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGKNJW
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:a600:18:6c16:27c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f6de301aa68cad6801ad9135223ccc05f8e46cbc6a28af6693ef7153c9d1e4d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:19:00 GMT
content-encoding: gzip
via: 1.1 f0a97a8c56cd2bb79a1739863489ed4c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 1449
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-length: 4499
last-modified: Wed, 19 Jul 2023 20:18:51 GMT
server: AmazonS3
etag: "a267f3229eeba7a7697d799341035c89"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: G0C5vmwltEoKaqs5P87cfXiVggZy-bnlfU7qkK4edK9gekH1_Uv8gQ==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 260 KB
86 KB 52ms
51ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YX7CEM5R3Y&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PGKNJW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d1a6873bfec0fa3571cd8ef433ac7e33e95b545a5ac2bff3b58936ecfe094761

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 88362
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 25 Jul 2023 08:43:08 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 4660
Redirect Chain

https://gum.criteo.com/sid/json?origin=onetag&domain=ruiertyuiokjn26.tk&sn=ChromeSyncframe&so=0&topUrl=herfs3vxf.ruiertyuiokjn26.tk&cw=1&lsw=1&topicsavail=0&fledgeavail=0
https://mug.criteo.com/sid?cpp=PzFAiXw4V2E4Y21SVXcrQW0yQjhQVTc2UWxJVzF6Um1ZWm5oRlB4RVU3bkgzVk42NDhHaUhIWUtvY1lzUXdZS1dDRUJoSXhic1ZpaUtEd0R0TzR1Nnl0T2w1UHpMZlpDZTkwQlpuL1BlTGVVZE1jM1pMWE1zZWxoUVRMNW...

449 B
675 B

137ms
37ms

Fetch
application/json

178.250.7.13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=PzFAiXw4V2E4Y21SVXcrQW0yQjhQVTc2UWxJVzF6Um1ZWm5oRlB4RVU3bkgzVk42NDhHaUhIWUtvY1lzUXdZS1dDRUJoSXhic1ZpaUtEd0R0TzR1Nnl0T2w1UHpMZlpDZTkwQlpuL1BlTGVVZE1jM1pMWE1zZWxoUVRMNWpCNk1VWjY3TUhaeFhuZmRrZ210d01SZUhabkQ3M3hvcFR2RG42Z09ySUZ6dFBFYmNBcUsrclNtYWVzam1NQ3VtTGF0OElUZE5EWVhJNlo5Ymc0Y29tQnRld1ZCQXJlbk9OTXpZcEFvSHMrSjUzTTZGQjV5RjUrL0NJbSsrMmVPR29IQ0JoejJhQzU2SHQrSWFoR05tQVdPaWtxWVd2Z1p2ZDZ4eHhVU2RLSEd0dVNveVF1Yz18&cppv=2

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Server

178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb1e3adcd7bb27df6d344046c5bf9bfdccf8b220befd857367078dfc7103f42e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:07 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
server: Kestrel
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1264224
expires: 0

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:08 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
location: https://mug.criteo.com/sid?cpp=PzFAiXw4V2E4Y21SVXcrQW0yQjhQVTc2UWxJVzF6Um1ZWm5oRlB4RVU3bkgzVk42NDhHaUhIWUtvY1lzUXdZS1dDRUJoSXhic1ZpaUtEd0R0TzR1Nnl0T2w1UHpMZlpDZTkwQlpuL1BlTGVVZE1jM1pMWE1zZWxoUVRMNWpCNk1VWjY3TUhaeFhuZmRrZ210d01SZUhabkQ3M3hvcFR2RG42Z09ySUZ6dFBFYmNBcUsrclNtYWVzam1NQ3VtTGF0OElUZE5EWVhJNlo5Ymc0Y29tQnRld1ZCQXJlbk9OTXpZcEFvSHMrSjUzTTZGQjV5RjUrL0NJbSsrMmVPR29IQ0JoejJhQzU2SHQrSWFoR05tQVdPaWtxWVd2Z1p2ZDZ4eHhVU2RLSEd0dVNveVF1Yz18&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 250497
content-length: 0
expires: 0

GET
H2 200 banner-1_IODiXywGx.jpg
ik.imagekit.io/carscoza/homepage/ 62 KB
63 KB 21ms
21ms Image
image/webp 2600:9000:21f3:ea00:15:c281:3500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ik.imagekit.io/carscoza/homepage/banner-1_IODiXywGx.jpg?ik-sdk-version=javascript-1.4.3&updatedAt=1648730961131
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:ea00:15:c281:3500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: aab0bd18f5bdf4d338a9261ca664b96ca79b116ef8f24a7236973a487f188cf6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 08:04:02 GMT
via: 1.1 91ba7c34719cd9c69e0357c149b94b90.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 175146
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 63910
x-request-id: ed31f168-db1e-48a0-875f-ab9a6d67aa45
last-modified: Thu, 13 Apr 2023 06:56:29 GMT
etag: "38a78a7bb0a1f156d54ecf43624bbbf7"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: J9u97cxZ1fnSxezTGmIGhNthWdrZ_aPRhbMKqL1KwN7sDsFm9gLULA==

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 69ms
19ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herfs3vxf.ruiertyuiokjn26.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 03:30:27 GMT
x-content-type-options: nosniff
age: 277961
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 03:30:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 74ms
25ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@400;500;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herfs3vxf.ruiertyuiokjn26.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 17:04:15 GMT
x-content-type-options: nosniff
age: 229133
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 17:04:15 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
218 B 28ms
28ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=28965531&t=pageview&_s=1&dl=https%3A%2F%2Fherfs3vxf.ruiertyuiokjn26.tk%2F&ul=en-us&de=UTF-8&dt=Cars%20for%20Sale%20in%20South%20Africa%2C%20Buy%20new%20%26%20used%20-%20Cars.co.za&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEABAAAAACAAI~&jid=1650918585&gjid=1042594766&cid=886274917.1690274589&tid=UA-1534990-2&_gid=2013409252.1690274589&_slc=1&gtm=45He37o0n71PGKNJW&z=1072298072

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
359 B 85ms
27ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-1534990-2&cid=886274917.1690274589&jid=1650918585&gjid=1042594766&_gid=2013409252.1690274589&_u=YGBAgEABAAAAAGAAI~&z=178542766

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 25 Jul 2023 08:43:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
264 B 87ms
36ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YX7CEM5R3Y&gtm=45je37o0&_p=28965531&_gaz=1&ir=&cid=886274917.1690274589&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1690274588&sct=1&seg=0&dl=https%3A%2F%2Fherfs3vxf.ruiertyuiokjn26.tk%2F&dt=Cars%20for%20Sale%20in%20South%20Africa%2C%20Buy%20new%20%26%20used%20-%20Cars.co.za&en=page_view&_fv=1&_ss=2&_c=1&ep.referrer=&ep.trigger=%22dom%22&up.version=non%20spa
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX7CEM5R3Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
47 B 28ms
27ms Ping
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-YX7CEM5R3Y&cid=886274917.1690274589&gtm=45je37o0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX7CEM5R3Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:08 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 97ms
45ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-YX7CEM5R3Y&cid=886274917.1690274589&gtm=45je37o0&aip=1&z=1668039229

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 877296132794685 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 24ms
21ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/877296132794685?v=2.9.116&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

782e4c0f9402250795f129a2df81e489a3c2e92a1180ca3e239c8a5c87bb79be

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 25 Jul 2023 08:43:08 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110102
x-xss-protection: 0
pragma: public
x-fb-debug: aLijheDjvNrMbQ5/zAngZqnkAcp/6hDlTLVxT1gzCPiJFonxCMazQ9vslFYy6iqJNuqR8aEj7i64+KzZ5fLZbw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 106ms
51ms Image
image/gif 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1534990-2&cid=886274917.1690274589&jid=1650918585&_u=YGBAgEABAAAAAGAAI~&z=908733445

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 78ms
46ms Image
image/gif 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-1534990-2&cid=886274917.1690274589&jid=1650918585&_u=YGBAgEABAAAAAGAAI~&z=908733445

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:08 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fbcde818 Show response
settings.luckyorange.com/ 149 B
239 B 147ms
145ms Fetch
application/json 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/fbcde818
Requested by: Host: tools.luckyorange.com
URL: https://tools.luckyorange.com/core/lo.js?site-id=fbcde818
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash: 5e0211be9c8eb7e8d51dc8c1ba337c77361a1b45f9c087ede589f48f552973f2

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
accept-language: de-DE,de;q=0.9
x-lucky-uid: undefined
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
x-lucky-referrer

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
via: 1.1 google
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149

OPTIONS
H2 200 fbcde818
settings.luckyorange.com/ Frame 0
0 193ms
136ms Preflight 34.107.203.234
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://settings.luckyorange.com/fbcde818
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.203.234 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 234.203.107.34.bc.googleusercontent.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-lucky-referrer,x-lucky-uid
Access-Control-Request-Method: GET
Origin: https://herfs3vxf.ruiertyuiokjn26.tk
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Origin,Authorization,Content-Type,X-Lucky-Uid,X-Lucky-Site-Id,X-Lucky-Impersonate,X-Lucky-Session-Id,X-Lucky-Referrer
access-control-allow-methods: POST,GET,PUT,PATCH,DELETE,OPTIONS
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
access-control-max-age: 86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
date: Tue, 25 Jul 2023 08:43:08 GMT
via: 1.1 google

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 66ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=877296132794685&ev=PageView&dl=https%3A%2F%2Fherfs3vxf.ruiertyuiokjn26.tk%2F&rl=&if=false&ts=1690274588868&sw=1600&sh=1200&v=2.9.116&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1690274588867.1826207154&cs_est=true&it=1690274588796&coo=false&eid=1690275073443_16902749202272&tm=1&rqm=GET

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jul 2023 08:43:08 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 22ms
21ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=877296132794685&ev=Microdata&dl=https%3A%2F%2Fherfs3vxf.ruiertyuiokjn26.tk%2F&rl=&if=false&ts=1690274589381&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Cars%20for%20Sale%20in%20South%20Africa%2C%20Buy%20new%20%26%20used%20-%20Cars.co.za%22%2C%22meta%3Adescription%22%3A%22Buying%20a%20new%20or%20used%20car%20online%20is%20simple%20with%20Cars.co.za%20-%20South%20Africa%27s%20leading%20car%20advertising%20website.%22%7D&cd[OpenGraph]=%7B%22twitter%3Aaccount_id%22%3A%224503599627483544%22%2C%22og%3Atitle%22%3A%22Cars%20for%20Sale%20in%20South%20Africa%2C%20Buy%20new%20%26%20used%20-%20Cars.co.za%22%2C%22og%3Adescription%22%3A%22Buying%20a%20new%20or%20used%20car%20online%20is%20simple%20with%20Cars.co.za%20-%20South%20Africa%27s%20leading%20car%20advertising%20website.%22%2C%22og%3Asite_name%22%3A%22Cars.co.za%22%2C%22og%3Alocale%22%3A%22en_US%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fhdfjklkjhgfyu658.tk%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fimg-ik.cars.co.za%2Fgeneral%2Fsquare-logo_LSEDwbeXVn.png%3Ftr%3Dw-200%22%2C%22og%3Aimage%3Awidth%22%3A%22300%22%2C%22og%3Aimage%3Aheight%22%3A%22300%22%2C%22og%3Aimage%3Asize%22%3A%22300x300%22%2C%22og%3Aimage%3Aalt%22%3A%22Cars.co.za%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.116&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1690274588867.1826207154&it=1690274588796&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Jul 2023 08:43:09 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/ 385 KB
122 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:06:08 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2221
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 125179
x-xss-protection: 0
server: cafe
etag: 2430563369519042680
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Wed, 24 Jul 2024 08:06:08 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 50 B
75 B 97ms
54ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=herfs3vxf.ruiertyuiokjn26.tk

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

466c4b6f4f9ceb1f54c5186c70a5fb7a57736077ed446475b1f048f7643f2fd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51
x-xss-protection: 0
expires: Tue, 25 Jul 2023 08:43:09 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 21ms
20ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herfs3vxf.ruiertyuiokjn26.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 23:01:51 GMT
x-content-type-options: nosniff
age: 207678
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15700
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:51:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 23:01:51 GMT

POST
H2 403 / Show response
o4504869871026176.ingest.sentry.io/api/4504886696935424/envelope/ 56 B
351 B 104ms
24ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504869871026176.ingest.sentry.io/api/4504886696935424/envelope/?sentry_key=52d63ea0fdce4f92bf5300b25417df2c&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.43.0

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/_app-c8c4214d0669ff5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

GET
H3 200 ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 15 KB
15 KB 25ms
24ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-33mZGCQYbw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto+Condensed:wght@300;400;700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://herfs3vxf.ruiertyuiokjn26.tk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 14:23:45 GMT
x-content-type-options: nosniff
age: 238764
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15528
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:53:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 Jul 2024 14:23:45 GMT

GET
H2 200 Ford-Everest-vs-Toyota-Fortuner.jpg
img-ik.cars.co.za/news-site-za/images/2023/06/ 30 KB
30 KB 25ms
24ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/06/Ford-Everest-vs-Toyota-Fortuner.jpg?tr=h-250%2Cw-350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5c97b80b9c30ef010c2128858a8f50ef370f77e493d5b250e832768f02f0af06

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 12:13:50 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 73759
x-cache: Hit from cloudfront
content-length: 30440
x-request-id: db78f30d-7452-431f-bb93-c77e091e56ec
etag: W/"76e8-FbCbqCaloPUDlcV5VBgy0wjfnN4"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: ru5-u16G9bVMuSefQcnygNttk2HuUotkjMM0628IY4fnT9MLk7oolQ==

GET
H2 200 sddefault.jpg
img.youtube.com/vi/-jVVcxH--Tk/ 64 KB
64 KB 20ms
20ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://img.youtube.com/vi/-jVVcxH--Tk/sddefault.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b7120573894b7a8c5e1b5145c8bb632e3c34cb1904c6878a045c101a736ec9b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:38:11 GMT
x-content-type-options: nosniff
age: 298
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65813
x-xss-protection: 0
server: sffe
etag: "1689935736"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/jpeg
cache-control: public, max-age=7200
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 25 Jul 2023 10:38:11 GMT

GET
H2 200 event Show response
sslwidget.criteo.com/ 10 KB
4 KB 104ms
35ms Script
application/x-javascript 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://sslwidget.criteo.com/event?a=83535&v=5.16.1&p0=e%3Dce%26m%3D%255B%255D%26h%3D&p1=e%3Dexd%26z%3D%26site_type%3Dd&p2=e%3Dvh%26tms%3Dgtm-custom&p3=e%3Ddis&adce=1&bundle=Bi3MJF9wbkltckl5U2FRbmVRYk5NQ1Y2bzdlUXJXZkNkWWtWZFM2MWFnODhBMXhrY29wWFJ1RXJXcjhCNHNrMnhPUU8xdGJLdXpUNVF0RjZ5WDRUSHhFU09ldlZWMHVkRnElMkJGUTJ1NENEb0pqVTNpRU8lMkZrc0JpSzNGTmh5WkxLZ3p1dk9MViUyQmFOcGg5TjFBMUZ0MHZodVNQZUJJSnRiOEZERnpaN3k2bkk0NThHJTJCSSUzRA&tld=ruiertyuiokjn26.tk&dy=1&fu=https%253A%252F%252Fherfs3vxf.ruiertyuiokjn26.tk%252F&ceid=04aa401b-42f5-4337-bcb1-478247eaad8d&dtycbr=26009

Requested by

Host: dynamic.criteo.com
URL: https://dynamic.criteo.com/js/ld/ld.js?a=77642

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

943552f9c0efcdca7a9252f15394da4d0d8ba74974491cd51e95bb4f3dae84c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:08 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
server: Kestrel
content-type: application/x-javascript
access-control-allow-origin: *
p3p: NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 7425593
timing-allow-origin: *
expires: 0

GET
H2 200 config Show response
api.cars.co.za/fw/public/v1/ 276 B
530 B 286ms
222ms Fetch
application/json 2606:4700::6812:43a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api.cars.co.za/fw/public/v1/config
Requested by: Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/_app-c8c4214d0669ff5d.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:43a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/8.1.3
Resource Hash: 55e5934e0783991d1c06c32a229d8bac35db357b20c241f6ab90e92bf56eff52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 25 Jul 2023 08:37:29 GMT
server: cloudflare
x-powered-by: PHP/8.1.3
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=300, public, s-max-age=3600, stale-if-error=86400, stale-while-revalidate=300
cf-ray: 7ec31d1aef9991f9-FRA
access-control-allow-headers: Content-Type, Accept, Authorization, X-Requested-With

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 38 KB
15 KB 73ms
73ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1152260281831695&correlator=2668250344682711&eid=31075028&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=3590831%2CNEW-HomePage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&ifi=1&adks=2213011000&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1690274589859&lmt=1690274589&adxs=991&adys=883&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fherfs3vxf.ruiertyuiokjn26.tk%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=4&ohw=300&ga_vid=886274917.1690274589&ga_sid=1690274590&ga_hid=28965531&ga_fc=true&dlt=1690274588179&idt=1333

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/_app-c8c4214d0669ff5d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

334255f6fa70c1d7baca1f55ff15ebd3bb0091e66aab2094a099d7d5a9d78609

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15271
x-xss-protection: 0
google-lineitem-id: 6343162995
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138439827769
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
12 KB 130ms
73ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202307180101&st=env

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/_app-c8c4214d0669ff5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0d18ae701c14c96d4b020812342207f8772da34ce20f68f7ce93c5cfe8f924ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11882
x-xss-protection: 0

GET
H2 200 container.html Show response
c47cc4beca060a508f28cfa16ea9e190.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F070 6 KB
3 KB 98ms
31ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://c47cc4beca060a508f28cfa16ea9e190.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:43:09 GMT
expires: Wed, 24 Jul 2024 08:43:09 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 11 KB
5 KB 74ms
74ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1152260281831695&correlator=1592233903215653&eid=31075028&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=3590831%2CNEW-HomePage_1x1&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&adks=1595886029&sfv=1-0-40&ists=1&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1690274589870&lmt=1690274589&adxs=0&adys=59&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fherfs3vxf.ruiertyuiokjn26.tk%2F&frm=20&vis=1&psz=1600x0&msz=1600x-1&fws=4&ohw=1600&ga_vid=886274917.1690274589&ga_sid=1690274590&ga_hid=28965531&ga_fc=true&dlt=1690274588179&idt=1333

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/_app-c8c4214d0669ff5d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e7cb70b50f2684948b20373002c106d7688a1765c0f9cebee1c920e4b93319a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5481
x-xss-protection: 0
google-lineitem-id: 6343162995
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138439145120
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 37 KB
15 KB 77ms
77ms XHR
text/plain 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1152260281831695&correlator=3120947909964058&eid=31075028&output=ldjh&gdfp_req=1&vrg=202307180101&ptt=17&impl=fif&iu_parts=3590831%2CNEW-HomePage_728x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=3&adks=2159217519&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1690274589874&lmt=1690274589&adxs=317&adys=4314&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fherfs3vxf.ruiertyuiokjn26.tk%2F&frm=20&vis=1&psz=966x0&msz=966x0&fws=4&ohw=966&ga_vid=886274917.1690274589&ga_sid=1690274590&ga_hid=28965531&ga_fc=true&dlt=1690274588179&idt=1333

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/_app-c8c4214d0669ff5d.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f799755b8d2ddac438ffa91d657fc01c00ad514b898022ec76383018c3a905d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15604
x-xss-protection: 0
google-lineitem-id: 6343162995
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138439144934
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 520 6999-21bfc1ff519166f6.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 484ms
483ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/6999-21bfc1ff519166f6.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AyM%2FF17ZB70AOWABZ4xyWF1yrlvZPZLFyqfXry0HNSvCWHSLiReK6v94eBk8KwTTNpWykxV2zlzPlWLbX4Jd%2F5RFjwwG6P4R8RfqhCcg%2Fis49SINPaoTCuTkhQiHJZjry4qE%2FIdfmSooEl1D%2BHHXn2AIOGmYipptc28B"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb576945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 9628-d08563bc504ae047.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 484ms
479ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/9628-d08563bc504ae047.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6J5pv0ZOVUVX7a%2Br5FHkACxnhIogQ42%2FThOern7RSYomHyz9%2B46INRMY4K3aa%2BZgidxa0D%2BXpHwE1G455ompSpArDv3j%2B82t3ToMUWb4nnuHG5idG5Um9eABlkHyW%2B8XFoIsh3YUUEhrdDuvdmliLdGjMZD4PUsVNDdF"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb5c6945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 sell-car-c8071101181cef67.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/ 0
0 485ms
479ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/sell-car-c8071101181cef67.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XBGya4hm9Rn0g5Y%2B2l8nymOJ9MYyByehuppSN8Vj5pMmIHrI4t8%2BS7r2TFeDAFLYmv5vYxH0aKkVpOSTzhgoDRCe9o%2Br0hnM5jEALsJIQPSW8resQl4H%2BSoFCA1fhPd9jcrIjiXS2yzgOagFwR%2BSxzZx6IYeidlmcfjr"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb626945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 8615-38346467ec041ce5.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 505ms
500ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/8615-38346467ec041ce5.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2BESW37UF18tdKah%2BKwxw9X7coacVSSSUa0UE7LRK7ngeWngU%2FwhTd7JUil5rqUPYNDXrU0WuMKHRRwofx2bA0bOxV2oxjcEQAHbQSdG6SJfio5VSYQ6fGd2Y8e7mThQ2m%2FNaL4fZy2AeE7PQ5HzZGxNmJM4662fK7%2Bj"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb636945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 843-1fbf6e6a914ae6b8.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 461ms
456ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/843-1fbf6e6a914ae6b8.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s8pUSgr%2BK6FvmzsIuK8YFROhd1wjjm0KoyCV5geYAnxdNsopEwSbq5Ay%2FxB6wUM9uS2r4fdM%2F5AFKk48dQNmGXf1f5%2BeiAhI3JRILWkhoX3dKiDASouGyww6Qcd1eZnFMbvulKqq1%2BmY4P%2FHwpc%2BgAl31NS3P%2Bjouf1Z"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb656945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 9046-63ac3a13267b04c3.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 505ms
500ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/9046-63ac3a13267b04c3.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3ST8Se2lAPDJXWxE9A6BGmgxin%2F9ixYAUcpec9ouz4TEsoYsd4DxxiEODHRfsauUXr0l9aj0NSgIVuYVRlsV3zWQRXCwrYTTRbTm3A4fFfWRXdWnEK8N51WHL8I2po1diLBGD5bLyINFZtp6kV7cqDcw3Um8u3HUJw1O"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb676945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 wishlist-e871f5049c1732a8.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/ 0
0 505ms
500ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/wishlist-e871f5049c1732a8.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oB003lvLAT99EjCUBvMfkWZ3Z9hTk4UmcVgFFh9Ae4F0v%2FWWzkdZDsMhvkETiOf2RU0ExFSMLhWmfYZjC0FjmrWTa9G4Yt422J2leuiCDg0PFVHgI2%2F2OJvIKGAGYXY6qFVXuE6ZVmI3iUdAqHnJhAWFg5d9R3sbPBbr"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb696945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 3936-a415d48d114b9fa9.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 504ms
501ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/3936-a415d48d114b9fa9.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GSFCrok1TxT1XxKXzqoZz%2BbnpR2Rzbvx4ByIwZx0uE%2BRnwuGC3KLky1T371ezUCFcaH8J1kfO5ie10X9LmTZfH%2FWJDgY%2BVz2MCwIVSeCfWi0wvuPaO59sbLd2%2BHVKQ%2F7SukV5yw%2BOIJk%2BsjTBxTFxPBpYdBVF5MWLrOV"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb6a6945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 5480-dbbc3a452dbd2faa.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 505ms
501ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/5480-dbbc3a452dbd2faa.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iQpAAKF3fe6fYA0%2FGkspYQ7dXlxr5d4xfKgiVUETZMirIcfnk%2BascRWohMFAST%2BHbMvnHfetTghXLDUDTKuQ3tBirrMvf6rkf5W0d6KXKEQH7eN9zZIIw9Zfly4MJXqqbp29X3kcZsqFYG6ayVK%2BlPgx19i09aivOk36"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb6b6945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 6760-71527aeac92bedbe.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 506ms
502ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/6760-71527aeac92bedbe.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=X4eya7EUbrM5jMSac8vfUcwyO%2BR5s7WOIn77fTXmOpzNkQHU8Sx2L%2Bt%2FURZVXF41tB%2FcF1DC9RVIij%2F%2BPHwAEp3H3X%2FRuz9tdTQTt6STZVIRLBN3qQ5Fj3HEsXozrw7OwtnmxX7KI2MnLDTwKQaF1lNO1ixY6y82SJxi"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb6d6945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 5113-5df76eb4142ed482.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 523ms
519ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/5113-5df76eb4142ed482.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=913lVtS%2FLBYDeb0hLmgoF%2FOm3zBDHpmKHtK9EeVVzownld3pXZeoFNJgXMMckeo8x9Z2VR5%2F8SNYxbWKX6uZAb5nMz9pEJWBKYCNZg8xx1Wzwweo5WVNBu1yLpDdYspK8sgYRnaBQ5E6ltyHht8CEdKvu4ulC1GKujnL"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb6e6945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 4907-ab8a5cbbfbc1c79e.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 523ms
520ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/4907-ab8a5cbbfbc1c79e.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eToMxXbVZQIr43fnM%2F%2FgHjFzWCp6MgvN5Ye41X6XxtgTbGKjAQnGusqHzuHosVy062KEg43fPw0k78naqK8%2Ba9HMpF%2FLM8W6mKp5NiIQjLLBi0Y3MyJkBFYHYb5P8jN24AEm05c2YpP0xolaGs%2B4CcD0bz8FzvphDmEc"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb6f6945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 usedcars-32490ae3ad9c7cc9.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/ 0
0 460ms
457ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/usedcars-32490ae3ad9c7cc9.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9v7LcNN7DaIs%2FzLj4v9dAWnjtYWy%2BRjaOnwAJF%2FPiTDW3xXn1H2PPbAQs1Hcrb85BoLy0lfdb9OGw2n8ZRhgwXy3LfVD7rpw6Qxdb8QxExnMVDt3LNLHuNNeheI7IB2stsAz5lgCcHiM17uMN5qh8MEH00U3ws7GOZVd"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb706945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 6358-235359d0c9466cdd.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/ 0
0 524ms
521ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/6358-235359d0c9466cdd.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0SGkhrEmONXIOreqbs0QzRWotH0iaD89i9K7jRhcMHlRfCE7yvuP195P36nx5H7AWMOcnlOxBxlSYgVQW9nkehJ0%2BDM5uARHURdPjDcbivCJp6Yn8Uibmzb4XlU04Nj9LR8N9X%2F9IL%2F2Jk9lJeq%2FG7oD5eVy3%2F63BmHA"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb726945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H3 520 motoring-news-b031bb1a39441f81.js
herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/ 0
0 525ms
522ms Other
text/html 2a06:98c1:3120::3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/motoring-news-b031bb1a39441f81.js

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/main-eb475addadb44b60.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a06:98c1:3120::3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
referrer-policy: same-origin
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sYN5OyG%2FiwSqopqXL06yuJB4bKEZRqr7ynbdMRIzOlKOog12bvBluPiwxR1gnHdvxv13fgCRrZpysVmIpqTtQJfDp85kL5J%2BVITPrt1LWQJgQ7Xw1R1F8cziS5vEgBbZ%2F22%2Bkwj%2BbVzk%2BkinV3o5%2FmdaDv%2B2%2FJ2EdbdU"}],"group":"cf-nel","max_age":604800}
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-ray: 7ec31d1adb756945-FRA
alt-svc: h3=":443"; ma=86400
content-length: 7226
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 69CC 43 B
146 B 98ms
22ms Image
image/gif 35.158.171.190
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?dsp_id=46&user_id=k-4JxesJpBeJINCzcybtD3uQGoCmKda7gKYWffMg&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.171.190 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-171-190.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 69CC
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-GIUxLJpBeJINCzcybtD3uQGoCmLbphK-dOvYRQ&google_cm&google_hm=ay1HSVV4TEpwQmVKSU5DemN5YnREM3VRR29DbUxicGhLL...
https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-GIUxLJpBeJINCzcybtD3uQGoCmLbphK-dOvYRQ&google_cm=&google_hm=ay1HSVV4TEpwQmVKSU5DemN5YnREM3VRR29DbUxicGh...
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GIUxLJpBeJINCzcybtD3uQGoCmLbphK-dOvYRQ&google_gid=CAESEK4UJe506K-URszlS35Tyb0&google_cver=1&google_ula=913071,0

43 B
369 B

31ms
28ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GIUxLJpBeJINCzcybtD3uQGoCmLbphK-dOvYRQ&google_gid=CAESEK4UJe506K-URszlS35Tyb0&google_cver=1&google_ula=913071,0

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 709249
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:10 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-GIUxLJpBeJINCzcybtD3uQGoCmLbphK-dOvYRQ&google_gid=CAESEK4UJe506K-URszlS35Tyb0&google_cver=1&google_ula=913071,0
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 398
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 69CC
Redirect Chain

https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6713900658213081969

43 B
370 B

29ms
29ms

Image
image/gif

178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6713900658213081969

Protocol

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:09 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1623677
timing-allow-origin: *
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:10 GMT
an-x-request-uuid: 56efd9a5-6447-4e63-afc7-b7b89d6f97a4
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=6713900658213081969
x-proxy-origin: 217.114.218.26; 217.114.218.26; 950.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

bounce
secure.adnxs.com/ Frame 69CC
Redirect Chain

https://secure.adnxs.com/setuid?entity=52&code=k-E3j315pBeJINCzcybtD3uQGoCmJYZGHWN62j2A
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-E3j315pBeJINCzcybtD3uQGoCmJYZGHWN62j2A

43 B
903 B

37ms
36ms

Image
image/gif

185.89.210.122
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-E3j315pBeJINCzcybtD3uQGoCmJYZGHWN62j2A

Protocol

Server

185.89.210.122 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:10 GMT
an-x-request-uuid: ba036420-0b29-4c08-8d45-3e5269e902aa
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-store, no-cache, private
access-control-allow-credentials: true
x-proxy-origin: 217.114.218.26; 217.114.218.26; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 43
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:10 GMT
an-x-request-uuid: 2158b8c1-5652-4969-9f56-3a2edd6b354d
server: nginx/1.21.3
accept-ch: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type: text/html; charset=utf-8
location: https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-E3j315pBeJINCzcybtD3uQGoCmJYZGHWN62j2A
cache-control: no-store, no-cache, private
x-proxy-origin: 217.114.218.26; 217.114.218.26; 954.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length: 0
x-xss-protection: 0
expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cksync.php
contextual.media.net/ Frame 69CC 61 B
793 B 192ms
99ms Image
image/gif 184.30.20.22
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-NYYH8ppBeJINCzcybtD3uQGoCmJUFcBqZiWUSg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.30.20.22 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a184-30-20-22.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 25 Jul 2023 08:43:10 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
content-length: 61
x-mnet-hl2: E
expires: Tue, 25 Jul 2023 08:43:10 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 69CC 0
239 B 102ms
23ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-QaayKZpBeJINCzcybtD3uQGoCmKDSApvHX08xA&expires=30
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 204 v1
match.sharethrough.com/sync/ Frame 69CC 0
365 B 98ms
25ms Image
text/plain 35.158.240.125
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-RSjE_JpBeJINCzcybtD3uQGoCmK8SNwkBmVHPA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.240.125 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-240-125.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT

GET
H2 200 /
rtb-csync.smartadserver.com/redir/ Frame 69CC 43 B
114 B 141ms
36ms Image
image/gif 185.86.139.104
SMARTADSERVER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-3C7tSppBeJINCzcybtD3uQGoCmK6Lpe7qFtgkA
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.139.104 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
content-type: image/gif

GET
H2 200 /
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 69CC 0
99 B 133ms
30ms Image
text/plain 141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-QzC5qZpBeJINCzcybtD3uQGoCmKzP3FFZSYmcw
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 27073

GET
H2 200 um
criteo-sync.teads.tv/ Frame 69CC 23 B
163 B 162ms
55ms Image
image/gif 104.75.89.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-sync.teads.tv/um?eid=80&uid=k-g3FUrppBeJINCzcybtD3uQGoCmItZBYjmg5LMw
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-75-89-75.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.10 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

expires: Tue, 25 Jul 2023 08:43:10 GMT
pragma: no-cache
date: Tue, 25 Jul 2023 08:43:10 GMT
cache-control: max-age=0, no-cache, no-store
server: akka-http/10.2.10
content-length: 23
content-type: image/gif

GET
H2 200 xuid
eb2.3lift.com/ Frame 69CC 37 B
140 B 78ms
23ms Image
image/gif 13.248.245.213
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2711&xuid=k-RKqPZJpBeJINCzcybtD3uQGoCmK2tDdHCi7K4w&dongle=013b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

GET
H2 204 sync
ups.analytics.yahoo.com/ups/58301/ Frame 69CC 0
125 B 108ms
24ms Image
text/plain 3.75.62.37
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-OzqFNppBeJINCzcybtD3uQGoCmJ_j83Ycv8qeg

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

3.75.62.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-75-62-37.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.10.64 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
strict-transport-security: max-age=31536000
server: ATS/9.1.10.64
age: 0
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 pixel
cm.adform.net/ Frame 69CC 43 B
162 B 101ms
30ms Image
image/gif 37.157.2.234
ADFORM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/pixel?adform_pid=15&adform_pc=k-VjD515pBeJINCzcybtD3uQGoCmLwUtqm-tJ6Ww
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.2.234 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
last-modified: Thu, 28 Jul 2022 12:09:37 GMT
server: nginx
accept-ranges: bytes
etag: "62e27c81-2b"
content-length: 43
content-type: image/gif

GET
H2 200 sync
visitor.omnitagjs.com/visitor/ Frame 69CC 49 B
342 B 142ms
44ms Image
image/gif 185.255.84.152
IGUANE-

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-hRJskZpBeJINCzcybtD3uQGoCmIRyQzyW_ohXg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.152 , France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:09 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
p3p: CP="CAO PSA OUR"
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 2
content-length: 49
expires: 0

GET
H/1.1

200
OK

rum
r.casalemedia.com/ Frame 69CC
Redirect Chain

https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hxgzE5pBeJINCzcybtD3uQGoCmK8IxuNM81H5g
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hxgzE5pBeJINCzcybtD3uQGoCmK8IxuNM81H5g&C=1

43 B
766 B

33ms
33ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-hxgzE5pBeJINCzcybtD3uQGoCmK8IxuNM81H5g&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:43:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:43:10 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=20&external_user_id=k-hxgzE5pBeJINCzcybtD3uQGoCmK8IxuNM81H5g&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 69CC
Redirect Chain

https://gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
https://dpm.demdex.net/ibs:dpid=28645&dpuuid=z9bD5RYgKSZ5blxHQOoFDypfoDdaRaV5
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=z9bD5RYgKSZ5blxHQOoFDypfoDdaRaV5

42 B
942 B

47ms
47ms

Image
image/gif

52.18.94.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=z9bD5RYgKSZ5blxHQOoFDypfoDdaRaV5

Protocol

HTTP/1.1

Server

52.18.94.124 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-18-94-124.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v050-0b5931b43.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: rdz9lqb+QrQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v050-055da0303.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: s2XamA59TPk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=z9bD5RYgKSZ5blxHQOoFDypfoDdaRaV5
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200 9.gif
id5-sync.com/s/966/ Frame 69CC 43 B
1 KB 86ms
22ms Image
image/gif 162.19.138.82
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://id5-sync.com/s/966/9.gif?puid=k-yphaZJpBeJINCzcybtD3uQGoCmLn7AoQ3Gwebg

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

162.19.138.82 Frankfurt am Main, Germany, ASN16276 (OVH, FR),

Reverse DNS

ns31532337.ip-162-19-138.eu

Software

Resource Hash

a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif;charset=UTF-8
date: Tue, 25 Jul 2023 08:43:09 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding: chunked
p3p: CP="CAO PSA OUR"

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame 69CC
Redirect Chain

https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-JkFM5ppBeJINCzcybtD3uQGoCmKxsevSIsxFtw
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JkFM5ppBeJINCzcybtD3uQGoCmKxsevSIsxFtw

43 B
447 B

46ms
46ms

Image
image/gif

54.246.170.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JkFM5ppBeJINCzcybtD3uQGoCmKxsevSIsxFtw
Protocol: H2
Server: 54.246.170.49 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-246-170-49.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 25 Jul 2023 08:43:10 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-JkFM5ppBeJINCzcybtD3uQGoCmKxsevSIsxFtw
access-control-allow-origin: *
date: Tue, 25 Jul 2023 08:43:10 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 sync
matching.ivitrack.com/ Frame 69CC 42 B
274 B 81ms
29ms Image
image/gif 34.117.157.22
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://matching.ivitrack.com/sync?realm=criteo&uid=k-q-Ssy5pBeJINCzcybtD3uQGoCmIh1G0YfPQp8w
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.157.22 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 22.157.117.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:09 GMT
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
server: istio-envoy
content-type: image/gif
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 push
exchange.mediavine.com/usersync/ Frame 69CC 0
880 B 105ms
25ms Image
text/html 54.93.45.192
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-nAn-C5pBeJINCzcybtD3uQGoCmJgRyb29YCDoA
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.45.192 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-45-192.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
cache-control: private, no-cache
access-control-allow-credentials: true
content-encoding: gzip
vary: Origin, Accept-Encoding
content-type: text/html; charset=utf-8

GET
H/1.1 200
OK cookie-sync
sync.outbrain.com/ Frame 69CC 0
145 B 454ms
111ms Image
text/plain 64.202.112.223
AS-OUTBRAIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-tFP6sJpBeJINCzcybtD3uQGoCmLpsAMsKQA-7g&initiator=partner
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 64.202.112.223 , United States, ASN22075 (AS-OUTBRAIN, US),
Reverse DNS: ny.outbrain.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Date: Tue, 25 Jul 2023 08:43:10 GMT
Cache-Control: no-cache
X-TraceId: 5b7dcea7cb48c5d6f4b0a5f4411fcf13
Content-Length: 0

GET
H2 200 Pug
simage2.pubmatic.com/AdServer/ Frame 69CC 42 B
582 B 148ms
40ms Image
image/gif 185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-59LbQ5pBeJINCzcybtD3uQGoCmJBOzkg_rZ-ZQ
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Tue, 25 Jul 2023 08:43:10 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 sync
criteo-partners.tremorhub.com/ Frame 69CC 43 B
399 B 355ms
105ms Image
image/gif 2600:1f18:612b:4216:fdfc:8841:31a4:a88b
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://criteo-partners.tremorhub.com/sync?UICR=k-4GnU-ZpBeJINCzcybtD3uQGoCmIaAQGhXnknEg
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4216:fdfc:8841:31a4:a88b Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
date: Tue, 25 Jul 2023 08:43:10 GMT
server: nginx
content-type: image/gif

GET
H/1.1 204
No Content m
ad.yieldlab.net/ Frame 69CC 0
400 B 178ms
84ms Image
text/plain 23.35.237.75
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.yieldlab.net/m?dt_id=8664&ext_id=k--NIVhZpBeJINCzcybtD3uQGoCmIZqxuVZoFhrQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.237.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-75.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Jul 2023 08:43:10 GMT
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection: keep-alive
Expires: Mon, 24 Jul 2023 08:43:10 GMT

GET
H2 200 sync
sync-criteo.ads.yieldmo.com/ Frame 69CC 0
38 B 186ms
47ms Image
text/plain 52.30.155.207
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-criteo.ads.yieldmo.com/sync?id=k-pWaHf5pBeJINCzcybtD3uQGoCmLQbV0TGuNECg&pn_id=criteo&ext=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.155.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-30-155-207.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
content-length: 0

GET
H2 204 put
e1.emxdgt.com/ Frame 69CC 0
44 B 77ms
20ms Image
text/plain 18.194.63.102
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://e1.emxdgt.com/put?d=d53&uid=k-u0Hf-5pBeJINCzcybtD3uQGoCmJ6MK-1L3XL2w
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.63.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-194-63-102.eu-central-1.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
server: awselb/2.0

GET
H2 200 raider-x-new-lead.jpg
img-ik.cars.co.za/news-site-za/images/2023/07/ 7 KB
8 KB 26ms
25ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/07/raider-x-new-lead.jpg?tr=h-134%2Cw-200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 20e6cc35d047b9965f86031c0c9f474feedd8c60525d2f11d63ae2c25239525d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 16:54:16 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 402533
x-cache: Hit from cloudfront
content-length: 7220
x-request-id: 4db4e0e4-0d11-4692-ad7c-689b27dc5b59
etag: W/"1c34-c0x3g8lpNDnDOFrtn2NTUawCNGY"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: owNfatmTc9hhEsQOVGuxozsXtCjHnsz6CsW5_eSPyOFi8i-HRuLm9A==

GET
H2 200 wild-x-1.jpg
img-ik.cars.co.za/news-site-za/images/2023/03/ 14 KB
14 KB 30ms
29ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/03/wild-x-1.jpg?tr=h-134%2Cw-200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c4a7b83739ac3e70d85ea8155bb89e7c688f935e360787ecf8cd0b3d980cf8c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sun, 23 Jul 2023 03:12:02 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 192667
x-cache: Hit from cloudfront
content-length: 14230
x-request-id: 0730d69d-17f8-482a-b51c-11feaba886b2
last-modified: Mon, 08 May 2023 16:30:09 GMT
etag: "82eb3ff1b82ae3fcc90f5682088e4a4a"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: KpIyfrqmEKAB4WX8ByQ_3Mm8xPW6oNarLDwqjprQn8XgaiDSHE0oYA==

GET
H2 200 Volvo-C40-Review-4.jpg
img-ik.cars.co.za/news-site-za/images/2023/07/ 5 KB
5 KB 31ms
30ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/07/Volvo-C40-Review-4.jpg?tr=h-134%2Cw-200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: db579a588779c4ba0f8282d3b1571d98b314fd193301931740be7d9ba768c616

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 04:32:53 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 274216
x-cache: Hit from cloudfront
content-length: 4698
x-request-id: acc44f16-4032-41cd-ad79-4080700ff122
etag: W/"125a-EscP1d4aKclUzXFF4KuomKs9AVE"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: rCZ19N5cPCkYYM3YE6LkGN5Os85g4SE4hnLs3AKml4T5NxIrmRZMkw==

GET
H2 200 chinese-cars-lead.jpg
img-ik.cars.co.za/news-site-za/images/2023/07/ 11 KB
11 KB 33ms
31ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/07/chinese-cars-lead.jpg?tr=h-134%2Cw-200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9c9a3a030b4e89b8d9bd35d475b8a3eb55e4c369021e42d3685af639a1ef71f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Sat, 22 Jul 2023 04:32:54 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 274215
x-cache: Hit from cloudfront
content-length: 10774
x-request-id: c69c3f99-e11a-41a0-8781-9f2e3fdb67b9
etag: W/"2a16-cZsxeJSkLo+wCIMXium9wmAS/Zs"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: BccJfg4DzCe4N57-OOUXmpEC5HXKxANw2W0pjBw3pcS4hs3XR2m1CA==

GET
H2 200 63-1.jpg
img-ik.cars.co.za/news-site-za/images/2023/07/ 9 KB
10 KB 35ms
34ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/07/63-1.jpg?tr=h-134%2Cw-200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f013702257780d299aa0f5c08ee035f0ce968b6e61a4340b8f2bc4e22deaae71

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 18 Jul 2023 15:19:09 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 581040
x-cache: Hit from cloudfront
content-length: 9412
x-request-id: 7ece22c6-5f6b-4c0c-8d6c-b1cf2cae1ad6
etag: W/"24c4-kyX90F+rQyCnAlmX5gi1q65G4A0"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: UeUgnRfsFDhLXx5jvCEebv9SvX53i4QCpZHsHM7FW_KAhKqpfDcOWw==

GET
H2 200 Kia-Sportage-DieselReview-8.jpg
img-ik.cars.co.za/news-site-za/images/2023/07/ 10 KB
10 KB 36ms
35ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/07/Kia-Sportage-DieselReview-8.jpg?tr=h-134%2Cw-200
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4fe2b8c9aa3fdffb7e10d0ba8df976dd82d30a3ab97c7ab39792b24a661b3e9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Thu, 20 Jul 2023 02:44:16 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 453533
x-cache: Hit from cloudfront
content-length: 9838
x-request-id: 1342d7b4-5290-4628-8040-dfa51f6b6374
etag: W/"266e-gBGv7SXZSaJuTrgb1Pu2dD9Eibk"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: 4hFrSCqadoYP8C42Ix44cHY2-QPMXY_m_UZdG_T-i924xUQRQnU2nw==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E485 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv56bmpNoX4FRtaARO2KZDnvy2jwUjYDrogQQycmnoBo4FWcnGE44KEzud3_OZ8jIzaaFFuu9tsluXndSyNfdrTQ-XKGBQAykVS4-tp5sFNcKdTh3M1qWBXy5aYKmCY2Q16yqYOOD1vl5o15gjJXAaegH5OejYb9TW8OXEPnyC-P8T53zrV7PkchGJX2JpdSAzvkKlOvGMmy2_iT7cEuOl7n4a00KPWdCafB2aBi976ZWYioucufa7wpkCZeVOd3JVXawMAi9O3-XAPyzsohkbAVaEreuIuq6Ud9nrdCyDGiJGPxufxZhEZBslHjiyzvLge1xaAE1Y611gUyGjVXXXOw8C2w42w6DLp&sai=AMfl-YQS1WZiF0dbYnQS2MQxFW0ZBAVCDSfdGh7ihp8czZCTl442BujwvKM7MIs203O_Ww-4M8wX6E-pz9jdUSfb5mpdX3uSRNT-l2szjcTCeyLdBUq5moxbUC6YT-l_YpOObhzE8Z6FZcsMlr2SqQvG&sig=Cg0ArKJSzMmEaLVDO3AYEAE&uach_m=[UACH]&adurl=

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Jul 2023 08:43:10 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/ Frame E485 3 KB
1 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230719/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:05:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70632
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 07 Aug 2023 13:05:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E485 179 KB
57 KB 98ms
38ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57333
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1689766554590483"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 25 Jul 2023 08:43:10 GMT

GET
H2 200 16748127311489827928
tpc.googlesyndication.com/simgad/ Frame E485 373 KB
374 KB 94ms
24ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16748127311489827928

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

80eb909c5a724d9e960f0cfc43a50aee17245d58c8ffd21ed1a68a46ca73fe2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 23:01:23 GMT
x-content-type-options: nosniff
age: 34907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 382264
x-xss-protection: 0
last-modified: Mon, 10 Jul 2023 14:21:52 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 Jul 2024 23:01:23 GMT

GET
DATA 200
OK truncated
/ Frame E485 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345b184963cc1843207b828d47578a12743b2499b632c86151b3e80d120ab49c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 103ms
102ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307180101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 25 Jul 2023 08:43:10 GMT

GET
H2 200 16911438129310665537
tpc.googlesyndication.com/simgad/ 404 KB
404 KB 141ms
102ms Image
image/jpeg 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/16911438129310665537?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

40259ac1a9f267143d158003c34c10fc0242ee60cef858f450f81ef330afcac7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 23:01:23 GMT
x-content-type-options: nosniff
age: 34907
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 413505
x-xss-protection: 0
last-modified: Wed, 12 Jul 2023 09:50:45 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 23 Jul 2024 23:01:23 GMT

GET
DATA 200
OK truncated
/ Frame 8669 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c7d08d4e7c3d76659170e4899089e6db79529e9c03edbcbaa5233fe5741ae95a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

blank.gif
www.cars.co.za/images/
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv695V_jUUgpkH6xa9v6DkdFE483LDf1HsHSNFl56TWeFX5RQWuoUn9Fnx_kZTlkFqTMA9F3PoB42o6jyKd1UoVGKPDZOgLxkfG4PBQqsFZLtoYiq0GNQ93kVbTB7u2DRQrUFqmSRK0e...
https://www.cars.co.za/images/blank.gif

43 B
299 B

106ms
35ms

Image
image/gif

2606:4700::6812:43a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cars.co.za/images/blank.gif
Protocol: H2
Server: 2606:4700::6812:43a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
cf-cache-status: HIT
cf-bgj: imgq:85,h2pri
last-modified: Mon, 03 Jul 2023 09:23:38 GMT
server: cloudflare
age: 122549
cf-polished: status=not_needed
etag: "64a2939a-2b"
vary: Accept-Encoding
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 7ec31d1cce5e3a70-FRA
content-length: 43
expires: Tue, 22 Aug 2023 15:40:35 GMT

Redirect headers

date: Tue, 25 Jul 2023 08:43:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://www.cars.co.za/images/blank.gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sedans-profile.jpg
img-ik.cars.co.za/news-site-za/images/2023/07/ 16 KB
16 KB 25ms
24ms Image
image/webp 2600:9000:2057:6200:3:a1d:1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img-ik.cars.co.za/news-site-za/images/2023/07/sedans-profile.jpg?tr=h-250%2Cw-350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:6200:3:a1d:1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7e7f55c00a2f43859900b49d1a3986378f39939e67603a7fb1664f8b835a8396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Fri, 21 Jul 2023 04:02:23 GMT
via: 1.1 21da0a66bafe2c8de8be4a4d8039346a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 362447
x-cache: Hit from cloudfront
content-length: 16144
x-request-id: def7ae20-80c3-4e00-a58b-c078d6451c3f
etag: W/"3f10-xhoxEIh01e8AOXMXJQ3z5Z9g5ac"
vary: Accept,Save-Data
access-control-allow-methods: GET
content-type: image/webp
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
timing-allow-origin: *
access-control-allow-headers: *
x-amz-cf-id: hqO_en6J-nUB0RzU4S1aQuiuVc6naQUSFeqCdndagBUMkmXi8yvg2Q==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E485 0
0 56ms
56ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuXWdB7APp3fjN6AMAc0N8fiQGyh78SJdsbWxc0RLnyMPQGlNgebYJqT3671kepIvTuqBvxt8rEwmK5LsDcLUB3qYtAYEcAL2NmySrWaPyG62Z41_yFsdFNrd8JH3JUm6Utq4ftY3UUwjKyaH2z9zEv5nSqoutCFKUoRlKjspI9Ty2epdhBzxXCSyyBQ4c703PtCMTCBti8ndMTeBDbqLpf6EpqDOXkN2z9WhLlEpDBVj8SyNnDD0TmFpxNd8aQxxLSB7X3dC9X_jrYFh9TY86bY30Uf3bsBJCa52fnilBxfqXwPPvFe4lkhZwjHuG9_AY48hd1QswLL127Syj0q-ldDGHuUMpRXXO1MxU&sai=AMfl-YThYkmSekcLR2mv7g1ek77YVTQktHWxnrD-XomtCVb0k4aGdnCXlkbYZJF_e8Io8gNQjVKG_v8TUd6Jla3YXxj5LOE01zNE1PnZJH8ZOloVLDS43fDpsPKGv3C9_uF3Q8fAfYSvhzIO-b2c3eN0&sig=Cg0ArKJSzIFb2k-6BGRPEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 25 Jul 2023 08:43:10 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 69CC
Redirect Chain

https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=sYAtNnIiMmMMNwPsCCBel8-S5XD-nucO

0
338 B

162ms
46ms

Image
text/plain

52.211.18.86
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=sYAtNnIiMmMMNwPsCCBel8-S5XD-nucO
Protocol: H2
Server: 52.211.18.86 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-211-18-86.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

x-served-by: beacon-n021-dub-prod.krxd.net
date: Tue, 25 Jul 2023 08:43:10 GMT
cache-control: private, no-cache, no-store
x-request-time: D=24 t=1690274590
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=sYAtNnIiMmMMNwPsCCBel8-S5XD-nucO
date: Tue, 25 Jul 2023 08:43:09 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 551659
content-length: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5E60 13 KB
5 KB 23ms
22ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5193
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 07:16:37 GMT
expires: Wed, 24 Jul 2024 07:16:37 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 6B6B 783 B
970 B 41ms
34ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4d13c4112daff29c49f8d5975bf56d211e6066dabf28f3582cf59931013b36c4

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-hR2jVIe8-889XHMJJZlLMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-hR2jVIe8-889XHMJJZlLMw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 25 Jul 2023 08:43:10 GMT
expires: Tue, 25 Jul 2023 08:43:10 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js Show response
pagead2.googlesyndication.com/bg/ Frame 5E60 37 KB
14 KB 70ms
25ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/vVBxlHWLSq1fuQw2L5BPyxsDoAp2pX6f0RpBSmAaURU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Mon, 24 Jul 2023 13:49:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 68015
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14655
x-xss-protection: 0
last-modified: Tue, 18 Jul 2023 09:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 23 Jul 2024 13:49:35 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 6B6B 0
0 79ms
54ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202307180101&jk=1152260281831695&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5E60 0
10 B 21ms
21ms Image
text/plain 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?wg2ROg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

date: Tue, 25 Jul 2023 08:43:10 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2

200

cs
s.thebrighttag.com/ Frame 69CC
Redirect Chain

https://gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=RLNVs04j86jSvFRGYBAxpI_saDwCsBRf

35 B
268 B

401ms
118ms

Image
image/gif

18.189.169.214
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=RLNVs04j86jSvFRGYBAxpI_saDwCsBRf
Protocol: H2
Server: 18.189.169.214 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-189-169-214.us-east-2.compute.amazonaws.com
Software: nginx /
Resource Hash: 8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:10 GMT
x-bt-requestid: 492082f0-2ac7-11ee-ac87-0000ac1702e3
server: nginx
content-type: image/gif
access-control-allow-origin
p3p: CP=NOI DSP COR NID
cache-control: private, must-revalidate
content-length: 35
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=RLNVs04j86jSvFRGYBAxpI_saDwCsBRf
date: Tue, 25 Jul 2023 08:43:09 GMT
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 1003812
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202307180101&jk=1152260281831695&bg=!sbKlsubNAAZsPphkTD47ADkAdvg8Wk_M2PfHoAfTvslN9vvfR6YdUeRmXM270zfySf58du783djb70WVxetpHWHXh9sTU859dcACAAAAU1IAAAAKaAEHmQL_OVIHopC2BhCkPFHoelz1n1lcOqC6RkwqJEJguGYzQeZKYzKb0RvPw0JCF6xFlDyOTNcabJ6nSEWyXgaFJTu_CX30p6ajYVOV2SJX6l6dqNLdE-EFreqwor8NJRZvXd9w9rS4n9texrqwp68mH0ZTSUXrwKIOOxf7cBJLLQ2B089XzSJl0TZA_T6r_45bZcJ5vyw2yxJvUET6HVN01NIOxmic1pxUDfvdp6rE3PNGQST0OW4R15gmRF2W9Z04Xh-T3B1rkkhNzq0iu3E5htgTL96wpuLnxIPyayzglqIxin49cMAmPiVBQMYOeRCJvNuHLP7On10gfHQJmfuIUCLGT2pBHrR8vm_mDWdilgiUmDPq9QA6PRRTJAjaaSsqxLKDGd4pOalOhEkpr6cQ7QY-xdRj5byr-nCvSwlzk_nD35C0AHoYElIIzi_r33DUeFGJh-IMog7KDuAn-elCUkEXiJGeL_TrYwHutFTHrOVEtrrubFstnj2rtHc9q1HoU2Ise4JuG52M_efMKHesedjrOeIhCsmInxtmxqqVkc2NVCN9QwMHyn8KEDnUOgJuFKiUBUFej0S96iIA3X-8905l57V4PpmeY8qPaywlYsw0MdLYVgbjhcSLfchbioVi3bsYrpnfGxP-eF6JJabZY1Y33P8uTaqfnn_DNrtiKFmzChFjFvQEfbYNgR6ABxL5IEokT8-RuKZjAAwkBMa8sQFPFsWGE_NnINNyOVoBI-lAAsKpmkkcxuTnxLa_G9Om_dzdDyn1X9zJZ9RpGikXEoZPBu_mFyZlp3m7ETyCgF-D81S9zzAzOhTscEWt368kFTaHn2cAkdJfZjgKUPLIH6VzYTsXU4lbfbZ650DGfgUDrs9RAYtWreLR8IUTfGXaBtZsjnZkYzsFaLxvFPcUmnviObWaGpYib44tcnTKIrQI7v1kLJCec7xiE4tVUtIYOnK2w7zjh8qeuNUMLo0-Hx_NDh18UH4Px0H59UzvRmJkAxoGrYZge77wYyYJceHuj2Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

POST
H2 403 / Show response
o4504869871026176.ingest.sentry.io/api/4504886696935424/envelope/ 56 B
114 B 64ms
63ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o4504869871026176.ingest.sentry.io/api/4504886696935424/envelope/?sentry_key=52d63ea0fdce4f92bf5300b25417df2c&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.43.0

Requested by

Host: herfs3vxf.ruiertyuiokjn26.tk
URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/_app-c8c4214d0669ff5d.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 25 Jul 2023 08:43:11 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
server: nginx
vary: origin,access-control-request-method,access-control-request-headers
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: x-sentry-error,x-sentry-rate-limits,retry-after
x-envoy-upstream-service-time: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E485 42 B
174 B 57ms
56ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssanA_9_5HmpS2tHgPxQVc5u5wj2g9iWrwJagJ6EYyO4S2CQ90vOKnulGGzlYwjJjE6rAzgf7-tYdMD9nRyLsBtI_c_llsnENXjtPEYOp0Hru91Locd&sig=Cg0ArKJSzN2DaOqdt3CSEAE&id=lidar2&mcvt=1000&p=883,991,1483,1291&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230719&bin=7&avms=nio&bs=1600,1200&mc=0.53&vu=1&app=0&itpl=3&adk=2213011000&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1690274589995&rpt=178&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:11 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 29ms
28ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-YX7CEM5R3Y&gtm=45je37o0&_p=28965531&ir=&cid=886274917.1690274589&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEI&sid=1690274588&sct=1&seg=0&dl=https%3A%2F%2Fherfs3vxf.ruiertyuiokjn26.tk%2F&dt=Cars%20for%20Sale%20in%20South%20Africa%2C%20Buy%20new%20%26%20used%20-%20Cars.co.za&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-YX7CEM5R3Y&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://herfs3vxf.ruiertyuiokjn26.tk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.102 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 25 Jul 2023 08:43:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://herfs3vxf.ruiertyuiokjn26.tk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

48 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

43 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ruiertyuiokjn26.tk/	1970-01-20 15:40:50	Name: _gcl_au Value: 1.1.545731785.1690274588
.criteo.com/	1970-01-20 22:52:50	Name: uid Value: 0a33923b-61e1-49f8-ae58-06d5a430a52c
.ruiertyuiokjn26.tk/	1970-01-20 13:32:40	Name: _gid Value: GA1.2.2013409252.1690274589
.ruiertyuiokjn26.tk/	1970-01-20 13:31:14	Name: _dc_gtm_UA-1534990-2 Value: 1
.ruiertyuiokjn26.tk/	1970-01-20 23:07:14	Name: _ga Value: GA1.1.886274917.1690274589
.ruiertyuiokjn26.tk/	1970-01-20 23:00:38	Name: cto_bundle Value: Bi3MJF9wbkltckl5U2FRbmVRYk5NQ1Y2bzdlUXJXZkNkWWtWZFM2MWFnODhBMXhrY29wWFJ1RXJXcjhCNHNrMnhPUU8xdGJLdXpUNVF0RjZ5WDRUSHhFU09ldlZWMHVkRnElMkJGUTJ1NENEb0pqVTNpRU8lMkZrc0JpSzNGTmh5WkxLZ3p1dk9MViUyQmFOcGg5TjFBMUZ0MHZodVNQZUJJSnRiOEZERnpaN3k2bkk0NThHJTJCSSUzRA
.ruiertyuiokjn26.tk/	1970-01-20 15:40:50	Name: _fbp Value: fb.1.1690274588867.1826207154
.ruiertyuiokjn26.tk/	1970-01-20 22:52:50	Name: __gads Value: ID=1245a34dc10fdd5a:T=1690274589:RT=1690274589:S=ALNI_MZn3G60Zyjr0AyaeVKjt2crx1ZJuQ
match.sharethrough.com/	1970-01-20 13:41:19	Name: AWSALBCORS Value: I9+/IUIPQSbNJSJzO48duhv0ajcXOQoS/LPgnry2t85KZvkkgd95/ZqxEwVqLjo39TWNCHDIq872QVp/QHcjQfHodVQpoqOSMfONTdnFhH4qsNU2WnzCKEyETbXT
.ruiertyuiokjn26.tk/	1970-01-20 22:52:50	Name: __gpi Value: UID=00000c476ba7aa42:T=1690274589:RT=1690274589:S=ALNI_MY_oVN3U2YzkVOC0hU0JzFZIFbNBA
.adnxs.com/	1970-01-20 15:40:50	Name: uuid2 Value: 6713900658213081969
.ruiertyuiokjn26.tk/	1970-01-20 23:07:14	Name: _ga_YX7CEM5R3Y Value: GS1.1.1690274588.1.0.1690274590.58.0.0
.adnxs.com/	1970-01-20 15:40:50	Name: anj Value: dTM7k!M4/rCxrEQF']wIg2GTyhILM!]tbPl@/D!9hy6]/CwiQ69Xy%`s0DgPAjN1d1A9e8X8Ghtu<Lk12[!m)>d%gYG_Y?12:kMsWLCbpRzqF1`*bbGF+L9a>
.media.net/	1970-01-20 22:16:50	Name: visitor-id Value: 3332761908281075000V10
.media.net/	1970-01-20 14:14:26	Name: data-c-ts Value: 1690274590
.media.net/	1970-01-20 14:14:26	Name: data-c Value: k-NYYH8ppBeJINCzcybtD3uQGoCmJUFcBqZiWUSg~~3
.doubleclick.net/	1970-01-20 22:52:50	Name: IDE Value: AHWqTUkOUoRAGyu_zASJKqeo9Mp9iLY0KXoCmrVu28fnMizGNnTK8YWUTtorAOJ2zE8
.id5-sync.com/	1970-01-20 13:31:14	Name: cf Value:
.id5-sync.com/	1970-01-20 13:31:14	Name: cip Value:
.id5-sync.com/	1970-01-20 13:31:14	Name: cnac Value:
.id5-sync.com/	1970-01-20 13:31:14	Name: car Value:
.id5-sync.com/	1970-01-20 13:31:14	Name: gdpr Value:
.id5-sync.com/	1970-01-20 13:31:14	Name: callback Value:
.casalemedia.com/	1970-01-20 22:16:50	Name: CMID Value: ZL.LHrDq-ha25xHQyF737QAA
.casalemedia.com/	1970-01-20 15:40:50	Name: CMPS Value: 3204
.casalemedia.com/	1970-01-20 15:40:50	Name: CMPRO Value: 3204
.omnitagjs.com/	1970-01-20 14:14:26	Name: ayl_visitor Value: d8b58a59bb574918a765d985a62d19ba
exchange.mediavine.com/	1970-01-20 13:51:24	Name: mv_tokens Value: %7B%22mv_uuid%22%3A%2248ba4710-2ac7-11ee-91f0-91b309fa177f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:51:24	Name: mv_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2248ba4710-2ac7-11ee-91f0-91b309fa177f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:51:24	Name: am_tokens Value: %7B%22mv_uuid%22%3A%2248ba4710-2ac7-11ee-91f0-91b309fa177f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:51:24	Name: am_tokens_eu-v1 Value: %7B%22mv_uuid%22%3A%2248ba4710-2ac7-11ee-91f0-91b309fa177f%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/	1970-01-20 13:51:24	Name: criteo Value: %7B%22id%22%3A%22k-nAn-C5pBeJINCzcybtD3uQGoCmJgRyb29YCDoA%22%2C%22version%22%3A%22criteo%22%7D
.demdex.net/	1970-01-20 17:50:26	Name: demdex Value: 21709262725052026561191783558801726408
.360yield.com/	1970-01-20 15:40:50	Name: tuuid Value: 0ede0387-faf1-4e72-881f-b3a9bd3193d2
.360yield.com/	1970-01-20 15:40:50	Name: tuuid_lu Value: 1690274590
.pubmatic.com/	1970-01-20 14:14:26	Name: KRTBCOOKIE_97 Value: 3385-uid:k-59LbQ5pBeJINCzcybtD3uQGoCmJBOzkg_rZ-ZQ&KRTB&23144-uid:k-59LbQ5pBeJINCzcybtD3uQGoCmJBOzkg_rZ-ZQ&KRTB&23286-uid:k-59LbQ5pBeJINCzcybtD3uQGoCmJBOzkg_rZ-ZQ&KRTB&23287-uid:k-59LbQ5pBeJINCzcybtD3uQGoCmJBOzkg_rZ-ZQ
.pubmatic.com/	1970-01-20 14:14:26	Name: PugT Value: 1690274590
.dpm.demdex.net/	1970-01-20 17:50:26	Name: dpm Value: 21709262725052026561191783558801726408
.360yield.com/	1970-01-20 15:40:50	Name: um Value: !38,fTcCFWZMtNqFEGCtk1S-3dqqaLgFBH-tZoFVzUYEUXoj7PvW790o6qxIRx6lhlEQB5GyozDd,1698050590
.360yield.com/	1970-01-20 15:40:50	Name: umeh Value: !38,0,1752482590,-1
.tremorhub.com/	1970-01-20 22:17:11	Name: tvid Value: 4bfc4abe87ac4f41a8b2a867a95ecd66
.tremorhub.com/	1970-01-20 14:14:26	Name: tv_UICR Value: k-4GnU-ZpBeJINCzcybtD3uQGoCmIaAQGhXnknEg
.krxd.net/	1970-01-20 17:50:26	Name: _kuid_ Value: Pse1LR-L

18 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: Failed to execute 'write' on 'Document': It isn't possible to write into a document from an asynchronously-loaded external script unless it is explicitly opened.
network	error	URL: https://o4504869871026176.ingest.sentry.io/api/4504886696935424/envelope/?sentry_key=52d63ea0fdce4f92bf5300b25417df2c&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.43.0 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/843-1fbf6e6a914ae6b8.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/usedcars-32490ae3ad9c7cc9.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/6999-21bfc1ff519166f6.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/9628-d08563bc504ae047.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/sell-car-c8071101181cef67.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/8615-38346467ec041ce5.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/9046-63ac3a13267b04c3.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/wishlist-e871f5049c1732a8.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/3936-a415d48d114b9fa9.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/5480-dbbc3a452dbd2faa.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/6760-71527aeac92bedbe.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/5113-5df76eb4142ed482.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/4907-ab8a5cbbfbc1c79e.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/6358-235359d0c9466cdd.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://herfs3vxf.ruiertyuiokjn26.tk/_next/static/chunks/pages/motoring-news-b031bb1a39441f81.js Message: Failed to load resource: the server responded with a status of 520 ()
network	error	URL: https://o4504869871026176.ingest.sentry.io/api/4504886696935424/envelope/?sentry_key=52d63ea0fdce4f92bf5300b25417df2c&sentry_version=7&sentry_client=sentry.javascript.nextjs%2F7.43.0 Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.yieldlab.net
api.cars.co.za
beacon.krxd.net
c47cc4beca060a508f28cfa16ea9e190.safeframe.googlesyndication.com
cm.adform.net
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
criteo-partners.tremorhub.com
criteo-sync.teads.tv
dis.criteo.com
dpm.demdex.net
dynamic.criteo.com
e1.emxdgt.com
eb2.3lift.com
exchange.mediavine.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
herfs3vxf.ruiertyuiokjn26.tk
ib.adnxs.com
id5-sync.com
ik.imagekit.io
img-ik.cars.co.za
img.youtube.com
match.sharethrough.com
matching.ivitrack.com
mug.criteo.com
o4504869871026176.ingest.sentry.io
pagead2.googlesyndication.com
pixel.rubiconproject.com
r.casalemedia.com
region1.analytics.google.com
rtb-csync.smartadserver.com
s.thebrighttag.com
secure.adnxs.com
securepubads.g.doubleclick.net
settings.luckyorange.com
simage2.pubmatic.com
sslwidget.criteo.com
stats.g.doubleclick.net
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.outbrain.com
tools.luckyorange.com
tpc.googlesyndication.com
ups.analytics.yahoo.com
visitor.omnitagjs.com
www.cars.co.za
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
104.75.89.75
13.248.245.213
141.226.228.48
142.250.185.162
162.19.138.82
178.250.1.9
178.250.7.13
18.189.169.214
18.194.63.102
184.30.20.22
185.255.84.152
185.64.190.80
185.80.39.216
185.86.139.104
185.89.210.122
185.89.210.141
2001:4860:4802:32::36
23.35.237.75
2600:1f18:612b:4216:fdfc:8841:31a4:a88b
2600:9000:2057:6200:3:a1d:1c0:93a1
2600:9000:2057:a600:18:6c16:27c0:93a1
2600:9000:21f3:ea00:15:c281:3500:93a1
2606:4700::6812:43a
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2003
2a00:1450:4001:810::200a
2a00:1450:4001:811::2003
2a00:1450:4001:812::200e
2a00:1450:4001:813::2001
2a00:1450:4001:813::2008
2a00:1450:4001:81c::2002
2a00:1450:4001:828::2001
2a00:1450:4001:828::2004
2a00:1450:400c:c07::9d
2a02:2638:3::e
2a02:2638:d::d
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a06:98c1:3120::3
3.75.62.37
34.107.203.234
34.117.157.22
34.120.195.249
35.158.171.190
35.158.240.125
37.157.2.234
52.18.94.124
52.211.18.86
52.30.155.207
54.246.170.49
54.93.45.192
64.202.112.223
69.173.144.139
06d05e25d5735fd4968f4db173509082b3c907133c6178b914fdd44bb4dbf50d
0d18ae701c14c96d4b020812342207f8772da34ce20f68f7ce93c5cfe8f924ed
0f799755b8d2ddac438ffa91d657fc01c00ad514b898022ec76383018c3a905d
1af9b0fc21168f65f7c5989d9cd824ebf0c13ac0f8699ba7d1527944d2243f2b
1c0f3d5b4152b13b8340caec2936e65369e33a1b3f27bb3b854bc16b2c99a6a1
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
20e6cc35d047b9965f86031c0c9f474feedd8c60525d2f11d63ae2c25239525d
245897f8383100d06968286edcab6894eef808a5d8890601a536481ad43b82e8
2b1ee1dba0f95bc17c16754bb7ed7f74525d5960f8cc92fff75a7065f508a826
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
334255f6fa70c1d7baca1f55ff15ebd3bb0091e66aab2094a099d7d5a9d78609
345b184963cc1843207b828d47578a12743b2499b632c86151b3e80d120ab49c
398633ade6c5cd957462b254ff92c08100b248c12fe9ce26492c056d9a04b02a
3e7cb70b50f2684948b20373002c106d7688a1765c0f9cebee1c920e4b93319a
3f98d2733f3cacaf5152fd4d55f778410f391312016cadb5162545357302cdee
40259ac1a9f267143d158003c34c10fc0242ee60cef858f450f81ef330afcac7
40e44938be76d56247b2c127c3d39fdb2cb4158edfaea69b7b72db0dd8acc7ce
4334fcd87e9db1953b7d51fbe2af7b3c7caab98611d881e24359edf3fe3968fa
466c4b6f4f9ceb1f54c5186c70a5fb7a57736077ed446475b1f048f7643f2fd7
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48ae39501369e0d90535fa0b7b98c02af384903c5ad9c1f6b3e35cd57ad97166
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d13c4112daff29c49f8d5975bf56d211e6066dabf28f3582cf59931013b36c4
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee827bb1d5595ad216f133facfce759e16865a16f25c683e20377378cb795cb
4f5662e843ed82b9d4a3e95c404b55eaf3366e371559c1a842817428fc9477d2
4fbad2230d9711938a4d41137a22a818cbedc33ed4e118f68b4853f523b99e38
4fe2b8c9aa3fdffb7e10d0ba8df976dd82d30a3ab97c7ab39792b24a661b3e9d
50f6530f62f596ae21a01cbd7969aca135fa3fa82ac58d6c655e6531abbdaf40
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e5934e0783991d1c06c32a229d8bac35db357b20c241f6ab90e92bf56eff52
5c97b80b9c30ef010c2128858a8f50ef370f77e493d5b250e832768f02f0af06
5e0211be9c8eb7e8d51dc8c1ba337c77361a1b45f9c087ede589f48f552973f2
5facf3ca997fd8a7658579d40b8bc44a659e12df5b45b2f1f1713f987b86366c
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6445f220d0effc8f5dd8ea35f18fb94e31ac39a881a736ae52498248c9008d68
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
66d8fefd9ed26f0d7be3d34449396d643c32e251ad52a001ce5956b980a37d47
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e
747d5a0865fe76129cc17fe70097fd5b1db733ed3bbfa0210a8505d80c14ab5a
782e4c0f9402250795f129a2df81e489a3c2e92a1180ca3e239c8a5c87bb79be
7c1e2d0f6a27b6701cbfc14d4b2c6863a2de1753603e0eafaf1a1c42a4e22b65
7e7f55c00a2f43859900b49d1a3986378f39939e67603a7fb1664f8b835a8396
7f6de301aa68cad6801ad9135223ccc05f8e46cbc6a28af6693ef7153c9d1e4d
7fe70eb0e3fc3e35c9a1873ea07e136d49f4043e6e6619a18fa1cb526192a65c
80eb909c5a724d9e960f0cfc43a50aee17245d58c8ffd21ed1a68a46ca73fe2f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b507b4a643776d79f3018fd42f7d1568d22c45ee40b714d5178b5ec3a464bb3
8ccef47b66e8f2188900566d6bbe024b9724351d427cc56e7936b010bd7d7c30
943552f9c0efcdca7a9252f15394da4d0d8ba74974491cd51e95bb4f3dae84c2
9c9a3a030b4e89b8d9bd35d475b8a3eb55e4c369021e42d3685af639a1ef71f7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
aa3d86e8e6e5577fdeabe0c790790c7e974356cb2712c8117ffc63c64e897121
aab0bd18f5bdf4d338a9261ca664b96ca79b116ef8f24a7236973a487f188cf6
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6c57887f313487ae3e9f8be4f2f6c46dc6c8872784e7ed7055943ab5822f549
b7120573894b7a8c5e1b5145c8bb632e3c34cb1904c6878a045c101a736ec9b8
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bd507194758b4aad5fb90c362f904fcb1b03a00a76a57e9fd11a414a601a5115
c01d27a9d09486021e5af41eda8d7adc11f1e2d0f6f975f3baecdd0a375e0213
c4a7b83739ac3e70d85ea8155bb89e7c688f935e360787ecf8cd0b3d980cf8c8
c4b5d7b7a17d6784c99098d6068be8b544ec01c03e9b3bc20a81d938cf65fba0
c557b8155e4f464d1b574d531e10f0c414dd9d937f439b2737203475dd789de0
c7d08d4e7c3d76659170e4899089e6db79529e9c03edbcbaa5233fe5741ae95a
c9c052df45b7a09302d9d8ca572b2ca290bdeec12a8f540f5a4d16f725fd0e97
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
d1a6873bfec0fa3571cd8ef433ac7e33e95b545a5ac2bff3b58936ecfe094761
d5e4168c549beeeb7946e688c11e8ebec9ae7d2d53fd20a1992660551b7b3668
d8c16e364660fcd868c4760593f181e103b68dc4d9cd9b9654dd080cee0d3dda
db579a588779c4ba0f8282d3b1571d98b314fd193301931740be7d9ba768c616
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec1217100dbf844f59e6cd80e46fae7878a2a853c625e847742bb6a9c031bf80
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f013702257780d299aa0f5c08ee035f0ce968b6e61a4340b8f2bc4e22deaae71
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
fb1e3adcd7bb27df6d344046c5bf9bfdccf8b220befd857367078dfc7103f42e
fe1d79cdeb52b9d850b766704955a0c174cc17b00880b9127d780e7f77830e4d

herfs3vxf.ruiertyuiokjn26.tk Open in urlscan Pro 2a06:98c1:3120::3 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

131 Requests

92 %HTTPS

43 %IPv6

44 Domains

57 Subdomains

53 IPs

9 Countries

2268 kBTransfer

4524 kBSize

43 Cookies

34 Outgoing links

Redirected requests

131 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

herfs3vxf.ruiertyuiokjn26.tk Open in urlscan Pro
2a06:98c1:3120::3 Public Scan

Screenshot
Live screenshot

Full Image

131
Requests

92 %
HTTPS

43 %
IPv6

44
Domains

57
Subdomains

53
IPs

9
Countries

2268 kB
Transfer

4524 kB
Size

43
Cookies

131 HTTP transactions
2 data transactions