www.windows2universe.org Open in urlscan Pro
69.167.170.156 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Submission: On April 18 via api (April 18th 2022, 8:00:10 pm UTC) from US — Scanned from DE

Summary HTTP 169 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 47 IPs in 7 countries across 43 domains to perform 169 HTTP transactions. The main IP is 69.167.170.156, located in United States and belongs to LIQUIDWEB, US. The main domain is www.windows2universe.org. The Cisco Umbrella rank of the primary domain is 453868.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on May 19th 2021. Valid for: a year.

This is the only time www.windows2universe.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 35	69.167.170.156 69.167.170.156	32244 (LIQUIDWEB) (LIQUIDWEB)
5	2.18.232.170 2.18.232.170	16625 (AKAMAI-AS) (AKAMAI-AS)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	169.50.137.176 169.50.137.176	36351 (SOFTLAYER) (SOFTLAYER)
4	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 3	99.86.7.34 99.86.7.34	16509 (AMAZON-02) (AMAZON-02)
3	23.23.134.191 23.23.134.191	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80f::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
5	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
1	2600:9000:223... 2600:9000:223c:1a00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2.20.157.238 2.20.157.238	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1 10	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	13.225.80.89 13.225.80.89	16509 (AMAZON-02) (AMAZON-02)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:223... 2600:9000:223c:7400:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 4	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
17 22	169.50.137.184 169.50.137.184	36351 (SOFTLAYER) (SOFTLAYER)
1 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	2600:1f18:612... 2600:1f18:612b:4216:4bb:825e:5e5f:d97a	14618 (AMAZON-AES) (AMAZON-AES)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 1	35.178.150.13 35.178.150.13	16509 (AMAZON-02) (AMAZON-02)
1 1	18.198.193.48 18.198.193.48	16509 (AMAZON-02) (AMAZON-02)
1	52.222.214.42 52.222.214.42	16509 (AMAZON-02) (AMAZON-02)
2 3	2600:1901:0:8... 2600:1901:0:8eee::	15169 (GOOGLE) (GOOGLE)
3 3	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
1 2	34.254.143.3 34.254.143.3	16509 (AMAZON-02) (AMAZON-02)
1	34.239.97.35 34.239.97.35	14618 (AMAZON-AES) (AMAZON-AES)
1	104.89.42.102 104.89.42.102	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	52.208.103.128 52.208.103.128	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.19 216.52.2.19	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	172.217.23.98 172.217.23.98	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:401... 2a00:1450:4016:808::2003	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
1 2	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
169	47

35 69.167.170.156 (United States) 1 redirects

ASN32244 (LIQUIDWEB, US)
PTR: host.windows2universe.org

www.windows2universe.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.232.170 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-170.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 169.50.137.176 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b0.89.32a9.ip4.static.sl-reverse.com

i.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.7.34 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-7-34.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.23.134.191 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-23-23-134-191.compute-1.amazonaws.com

engine.multiview.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:1a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.20.157.238 (Milan, Italy)

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-157-238.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.80.89 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-80-89.fra2.r.cloudfront.net

s.zkcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:223c:7400:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 169.50.137.184 (United States) 17 redirects

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4216:4bb:825e:5e5f:d97a (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

simplifi.partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.178.150.13 (London, United Kingdom) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-178-150-13.eu-west-2.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.198.193.48 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-193-48.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.214.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-42.fra56.r.cloudfront.net

sync.intentiq.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:1901:0:8eee:: (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

fei.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pbid.pro-market.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.254.143.3 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.239.97.35 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-239-97-35.compute-1.amazonaws.com

sync.bfmio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.89.42.102 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-42-102.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.103.128 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ce.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.23.98 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: mil04s23-in-f98.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4016:808::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.173.215 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	windows2universe.org 1 redirects www.windows2universe.org — Cisco Umbrella Rank: 453868	740 KB
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 632 pix.eu.criteo.net — Cisco Umbrella Rank: 7400 csm.eu.criteo.net — Cisco Umbrella Rank: 7420	48 KB
24	simpli.fi 17 redirects i.simpli.fi — Cisco Umbrella Rank: 3608 um.simpli.fi — Cisco Umbrella Rank: 825	14 KB
24	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 128	356 KB
16	doubleclick.net 4 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 193 googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	208 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13058 ads.eu.criteo.com — Cisco Umbrella Rank: 7422 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9555	71 KB
6	google.com 2 redirects adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	1 KB
4	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 279 www.google-analytics.com — Cisco Umbrella Rank: 37	37 KB
4	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	137 KB
4	addthis.com s7.addthis.com — Cisco Umbrella Rank: 1487 m.addthis.com — Cisco Umbrella Rank: 1411	142 KB
3	pro-market.net 2 redirects fei.pro-market.net — Cisco Umbrella Rank: 2745 pbid.pro-market.net — Cisco Umbrella Rank: 6551	1 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7579 www.google.de — Cisco Umbrella Rank: 5383	1 KB
3	multiview.com engine.multiview.com — Cisco Umbrella Rank: 116282	12 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 137	2 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 248	2 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 531	1 KB
2	crwdcntrl.net 1 redirects bcp.crwdcntrl.net — Cisco Umbrella Rank: 858	835 B
2	exelator.com 1 redirects loadm.exelator.com — Cisco Umbrella Rank: 1158	2 KB
2	agkn.com 2 redirects aa.agkn.com — Cisco Umbrella Rank: 431 d.agkn.com — Cisco Umbrella Rank: 550	963 B
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 434	885 B
2	3lift.com 1 redirects eb2.3lift.com — Cisco Umbrella Rank: 400	730 B
2	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 589	137 KB
2	googleadservices.com 1 redirects partner.googleadservices.com — Cisco Umbrella Rank: 794 www.googleadservices.com — Cisco Umbrella Rank: 104	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	14 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 138	85 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 975 pixel.quantserve.com — Cisco Umbrella Rank: 423	10 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 411	274 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 350	239 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 327	66 B
1	lijit.com ce.lijit.com — Cisco Umbrella Rank: 930	348 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 481	603 B
1	bfmio.com sync.bfmio.com — Cisco Umbrella Rank: 1264	421 B
1	intentiq.com sync.intentiq.com — Cisco Umbrella Rank: 1509
1	tremorhub.com simplifi.partners.tremorhub.com — Cisco Umbrella Rank: 6871	183 B
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1396	687 B
1	zkcdn.net s.zkcdn.net — Cisco Umbrella Rank: 34107	34 KB
1	addthisedge.com v1.addthisedge.com — Cisco Umbrella Rank: 1691	207 B
1	moatads.com z.moatads.com — Cisco Umbrella Rank: 390	1 KB
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 903	439 B
0	googleapis.com Failed ajax.googleapis.com Failed
0	glam.com Failed www8.glam.com Failed
0	bit.ly Failed bit.ly Failed
0	compete.com Failed c.compete.com Failed
169	43

	Domain	Requested by
35	www.windows2universe.org	1 redirects www.windows2universe.org
22	um.simpli.fi	17 redirects
14	static.criteo.net	ads.eu.criteo.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com securepubads.g.doubleclick.net tpc.googlesyndication.com
9	pix.eu.criteo.net	ads.eu.criteo.com
9	googleads.g.doubleclick.net	1 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.windows2universe.org pagead2.googlesyndication.com securepubads.g.doubleclick.net googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
4	www.google.com	2 redirects 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com tpc.googlesyndication.com
4	csm.eu.criteo.net	ads.eu.criteo.com
4	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.windows2universe.org
4	www.googletagservices.com	www.windows2universe.org googleads.g.doubleclick.net 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
3	cm.g.doubleclick.net	3 redirects
3	engine.multiview.com	www.windows2universe.org engine.multiview.com
3	sb.scorecardresearch.com	1 redirects www.windows2universe.org
3	s7.addthis.com	www.windows2universe.org s7.addthis.com
2	ib.adnxs.com	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	bcp.crwdcntrl.net	1 redirects
2	loadm.exelator.com	1 redirects
2	fei.pro-market.net	2 redirects
2	pixel.tapad.com	1 redirects
2	eb2.3lift.com	1 redirects
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
2	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net www.windows2universe.org
2	static.xx.fbcdn.net	www.facebook.com
2	147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	adservice.google.com	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	adservice.google.de	securepubads.g.doubleclick.net pagead2.googlesyndication.com
2	www.facebook.com	connect.facebook.net www.windows2universe.org
2	connect.facebook.net	www.windows2universe.org connect.facebook.net
2	www.google-analytics.com	www.windows2universe.org www.google-analytics.com
2	ssl.google-analytics.com	www.windows2universe.org
2	i.simpli.fi	www.windows2universe.org i.simpli.fi
1	us-u.openx.net
1	pixel.rubiconproject.com
1	www.google.de
1	www.googleadservices.com	1 redirects
1	idsync.rlcdn.com
1	ce.lijit.com
1	stags.bluekai.com
1	sync.bfmio.com
1	pbid.pro-market.net
1	sync.intentiq.com
1	d.agkn.com	1 redirects
1	aa.agkn.com	1 redirects
1	simplifi.partners.tremorhub.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	s.zkcdn.net	www.windows2universe.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	z.moatads.com	s7.addthis.com
1	pixel.quantserve.com	www.windows2universe.org
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.windows2universe.org
0	ajax.googleapis.com Failed	www.windows2universe.org
0	www8.glam.com Failed	www.windows2universe.org
0	bit.ly Failed	www.windows2universe.org
0	c.compete.com Failed	www.windows2universe.org
169	60

This site contains links to these domains. Also see Links.

Domain
www.nestanet.org
www.addthis.com
engine.multiview.com
www.realclimate.org
www.epa.gov
classic.globe.gov
www.talkingscience.org
www.nsf.gov
www.nasa.gov
www.agu.org
www.agiweb.org
www.esipfed.org
ncse.com
www.hhmi.org
www.americangeosciences.org
www.ametsoc.org
www.noaa.gov
windows2universe.org
nestanet.org
www.ucar.edu
www.ncar.ucar.edu

Subject Issuer	Validity	Valid
windows2universe.org Go Daddy Secure Certificate Authority - G2	`2021-05-19` - `2022-05-18`	a year	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2022-02-27` - `2023-02-28`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-11-27`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
engine.multiview.com Amazon	`2022-01-15` - `2023-02-13`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-01-26` - `2022-04-26`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.zkcdn.net Amazon	`2021-05-22` - `2022-06-20`	a year	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-03-28` - `2022-06-20`	3 months	crt.sh

This page contains 16 frames:

Primary Page: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Frame ID: 8C11E46DC70009E5A196FC24FE3D85C7
Requests: 97 HTTP requests in this frame

Frame: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: D7A293520564207D6C2FB2F840DAC574
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.windows2universe.org/mythology/coyote_milkyway.html&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=325911867506691
Frame ID: EA8C7DF3AFA39D48274459E2FEA7029C
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html
Frame ID: 7BAFBFBDA0B55DDE41FAD1B9E05466DC
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: B3E587BC5DA5393FA06C62C230993572
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: CD3BD5ECC6DC8DC06CBD97D47B57120B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=600&slotname=2289166236&adk=1136797986&adf=110671561&pi=t.ma~as.2289166236&w=160&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004134&bpp=5&bdt=769&idt=103&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1137718152227&frm=20&pv=2&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1138&ady=308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=KvMFhYGEXR&p=https%3A//www.windows2universe.org&dtd=120
Frame ID: 398FEE2157733EB3AD04169CF6F35B8D
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=280&slotname=9237717968&adk=2724253716&adf=3745365657&pi=t.ma~as.9237717968&w=728&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004139&bpp=1&bdt=773&idt=129&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1137718152227&frm=20&pv=1&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1692&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=yulEFAAaSi&p=https%3A//www.windows2universe.org&dtd=133
Frame ID: A3B63F7E7E72F4958CB2BAD66C6B5E01
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&adk=1812271804&adf=3025194257&lmt=1650312004&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=277x1080_l%7C294x1080_r&format=0x0&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004193&bpp=1&bdt=827&idt=91&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x280&nras=1&correlator=1137718152227&frm=20&pv=1&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=14&uci=a!e&fsb=1&dtd=104
Frame ID: 396A8BBA584182C31D2D628B5CC0E22B
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yl3DRAAEezAIu8cmAAlTFHMY8ffL7tU_QEn8kw&u=%7CILtxJKbxgfQpMJTaeyZlouuyJxQq3pUdFxIsQWsF%2Ffk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWZThCef16kqGZ9KRqhVVTcs1Ql9-O4vYSKkC2iLJ5j8gzdOtV_rhlKmYEEuZiIFGKJsCVVhAfPibeBzsexvxvgsX5YfCpeso6K3HKUEraWhPfRkVku4vCKrunYbDbshtAf6ZG4CVOQJmbGifWc5jMyO0PMr-fFWH8RheV8wQXnZh7bkfdeKmjKKmCla5dkY6iSmpww66OxOSn7WnIzO5GBo-GcbPN88bLOs9AWo_M4rsGwd2g2U0Xw33B_Fhnhwmupxx3VafaNqxkZ8wyEdbQtUe515if9IhXPZ6J8gV10BcBUivEXsMktNqfe-lYf6ZDhAyTC88alVepkfjJ9i8LbLZ0sq6L2b5HaMGhSnA0bDGOW5xzbXIs3SVNMxUkDSpDDJlZ6fdYQoCd6aAnhXjqJq8sEQbsj3nY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt64lRMNdYrD2EaaO7_UPlKal4A7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPqgDAaoE9gFP0L0J6VwbM7Nzc8fqqHm_dKcf3mnJCgeWGdO1g0O89CJ-bn_BqxiKfyiuCq72qMUZSYD8bkeKeBwOu2hFxdNI6BU4VMBv0AbH_LpqAXr17oXDZUJ0FI5kFd4hdo3spfGypcB2_-vs-mXwQblt7adsMHG8fS6POJmMPVkuGC4GNOqeDopb_rwiblBt5AZv6s7uNp_EB7mywlpk4_SGVsSECvZavZWhFsgfC1uIK86_6mS4wdZttStTg9Vn4f8mZ_lKgkijd1tOyz3aaIOJz6Sdj-VwY0NUTyd6nSS25HBsUAn2XgiHC_fzKc-wFYcagjn-DT_Gt5CABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ah_s74CeYU16lhZ68aus9rfVRpw%26client%3Dca-pub-7815427952014216%26adurl%3D
Frame ID: C0E8F851F7BECC6CC74A8F1EA27015AD
Requests: 21 HTTP requests in this frame

Frame: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 406B547BC2E9101FC34BA9B004561017
Requests: 10 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yl3DRAACsYUIu9rNAAR29M3YUCl16jnlzkpgKg&u=%7CILtxJKbxgfSYQQpoy%2FJ%2FnWTS%2Bg4P0Bt4PqsNpKPS6K0%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWZThCef16kqGZ9KRqhVVTcgo6QbTZ-if0mGoLBfgr9dLOylIoy89GQVdu8lL718sminklUiriX_7U1V7gsuLvyWzbjouVZld3v7Wngopx3YVVWQqPhl72OzU9VL4cgoUB9IOVjCSC6ABj1uLumbMglmeAwi1Xtd3dp02Jb8jOvvOeAe6TSWbNgjUv9vArqd7blIPdKBAirOJHpujqqCb4eYew-Bqv2mDOeaRe9ImZvEemlWJmxqlw88m2CMX7vV0aN3LcPIlk6JLX8JkdDJ-_pGGUMV3GPFlQASpnE--BmTCSDV8XhJC25_3U0IWje_3Uh2k1fbOGhnm75BTv6VwkF-XapSe6M70WUz4we2mhQD1YT6GjwZYnXuwjZ6DJgdzZ5H3VNeoM9pChvThQwuhoO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCffWkRMNdYoXjCs217_UP9O2RqATJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPuACAKgDAaoEmQJP0GhmI4YDEfDJIxUYHchRD4DK_4GniABg9yebijv79eW81e9lLwa137pXDFCTY1lzb7eSfyIYovQ1eqWWNT568s6oPVQmN4BvlUoqCUppF4Fi2UezypO4iBEUiW1S2goyBhCkEqDzFUA8ljbRHOXzwEM3m2xJuh7mO0mpIi04XTJne3n-IOwclk9TNkOMrEiu8GTBlF_RKklqTDgvKnQD9sJfgx0pqUs5kokwyn0CMFYlBZqkTdagLuJNz7-PEbKwK6DIrhVQ6rJqs-t0RhVeUEB8BvPypO-A0VJMI5l0KRRPrUFN0D-ZoeRYP8hEKLN6VKlPKPEQXWEz05QsfmaUYsYy1dxR-l4iJ-VPeJlqtSH4MaQ5P1fX7-AEAYAGrt-ZoLP2it34AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oMA3BLXrJ1R8hS-zeviHwyAAXqQ%26client%3Dca-pub-7815427952014216%26adurl%3D
Frame ID: 9666E2EB306DEBFC5966FDA240948F9D
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 08F72C3DC4D52E48AB616495BE13D1EF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js
Frame ID: 75656016F0418FBE5915B09E3DED5454
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: D33E41E112B4E8A18424A34C2E024105
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: F3AC91327DD2480D4F8E653927F7C45A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Coyote - Ventanas al Universo

Detected technologies

AddThis (Widgets) Expand

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

169
Requests

85 %
HTTPS

42 %
IPv6

43
Domains

60
Subdomains

47
IPs

7
Countries

2051 kB
Transfer

4438 kB
Size

38
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: http://www.nestanet.org/
Title: Presentado por la Asociación Nacional de Maestros de Ciencias de la Tierra

Search URL Search Domain Scan URL

URL: https://www.addthis.com/bookmark.php?v=250&username=xa-4c44c1d374d06de9
Title: Compartir

Search URL Search Domain Scan URL

URL: https://engine.multiview.com/r?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzQyMCwiYXQiOjE0NTMsImJ0IjowLCJjbSI6NjQyNzksImNoIjoxNDY1MSwiY2siOnt9LCJjciI6MjAxNTc5LCJkaSI6IjEzMjk3N2I2OWRmYTRjZGQ5NDM5ZWM1ZmIzYzY1NzI0IiwiZGoiOjAsImlpIjoiNDI4MzU5NjYxNzA3NGFhYWFmNGQ3YzliYWY4MmFjMTciLCJkbSI6MSwiZmMiOjI1NDIyOCwiZmwiOjExNDQ1OCwiaXAiOiIyMTcuNjQuMTUxLjMwIiwibnciOjQ0NjYsInBjIjowLCJvcCI6MCwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicHIiOjQ4MDE4LCJydCI6MSwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMGI1YzM5YmZmMmVhMDhjOGIiLCJzcCI6NjU5MzA3LCJzdCI6NTQyNDgsInVrIjoidWUxLTE2ZGY5ZTJlZDcxYjQ1MjViNWNlZjJmYmFkYmU3MThkIiwiem4iOjU1ODY5LCJ0cyI6MTY1MDMxMjAwNDM4NSwiYmYiOnRydWUsInBuIjoibXZCb3hBZCIsImdjIjpmYWxzZSwiZ0MiOmZhbHNlLCJnaSI6dHJ1ZSwiZ3MiOiJub25lIiwidHoiOiJVVEMiLCJ1ciI6Imh0dHA6Ly93d3cucXVhbGl0eXNjaWVuY2VsYWJzLmNvbSJ9&s=9MIxVF6KBM-gvrgu53L195qUhfo

Search URL Search Domain Scan URL

URL: http://www.realclimate.org/
Title: Clima verdadero: ciencia del clima por científicos del clima

Search URL Search Domain Scan URL

URL: http://www.epa.gov/greenversations/
Title: EPA Greenversations

Search URL Search Domain Scan URL

URL: http://classic.globe.gov/fsl/scientistsblog/
Title: Aprendizaje y observaciones globales para beneficiar al medioambiente

Search URL Search Domain Scan URL

URL: http://www.talkingscience.org/category/citizen-science-buzz/
Title: Ciencia Ciudadana

Search URL Search Domain Scan URL

URL: http://www.nsf.gov/
Title: Fundación Nacional para las Ciencias

Search URL Search Domain Scan URL

URL: http://www.nasa.gov/
Title: NASA

Search URL Search Domain Scan URL

URL: http://www.agu.org/
Title: Unión Geofísica Americana

Search URL Search Domain Scan URL

URL: http://www.agiweb.org/
Title: Instituto Americano de Geociencias

Search URL Search Domain Scan URL

URL: http://www.esipfed.org/

Search URL Search Domain Scan URL

URL: http://ncse.com/

Search URL Search Domain Scan URL

URL: https://www.hhmi.org/

Search URL Search Domain Scan URL

URL: http://www.americangeosciences.org/

Search URL Search Domain Scan URL

URL: http://www.ametsoc.org/

Search URL Search Domain Scan URL

URL: http://www.noaa.gov/

Search URL Search Domain Scan URL

URL: http://windows2universe.org/
Title: http://windows2universe.org/

Search URL Search Domain Scan URL

URL: http://nestanet.org/
Title: Asociación Nacional de Maestros de Ciencias de la Tierra

Search URL Search Domain Scan URL

URL: http://www.ucar.edu/
Title: UCAR

Search URL Search Domain Scan URL

URL: http://www.ncar.ucar.edu/
Title: NCAR

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 32

https://www.windows2universe.org/bug/mythology/coyote_milkyway.html&lang=sp HTTP 302
https://www.windows2universe.org/php/404error.php

Request Chain 46

https://sb.scorecardresearch.com/b?c1=2&c2=6035233&ns__t=1650312003849&ns_c=windows-1252&cv=3.5&c8=Coyote%20-%20Ventanas%20al%20Universo&c7=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&c2=6035233&ns__t=1650312003849&ns_c=windows-1252&cv=3.5&c8=Coyote%20-%20Ventanas%20al%20Universo&c7=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&c9=

Request Chain 137

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 140

https://um.simpli.fi/triplelift HTTP 302
https://eb2.3lift.com/xuid?mid=7969&xuid=CF3A1C88B3994E7A8DA6C47F7321F72D&dongle=yf3 HTTP 302
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=CF3A1C88B3994E7A8DA6C47F7321F72D&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

Request Chain 141

https://um.simpli.fi/telaria_p HTTP 302
https://simplifi.partners.tremorhub.com/sync?UISF=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 142

https://um.simpli.fi/tapad HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CF3A1C88B3994E7A8DA6C47F7321F72D HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 143

https://um.simpli.fi/ad_advisor HTTP 302
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=CF3A1C88B3994E7A8DA6C47F7321F72D HTTP 302
https://d.agkn.com/pixel/10751/?che=1650312005&ip=217.64.151.30&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164881204125000429395 HTTP 302
https://um.simpli.fi/aa_px?sk=164881204125000429395

Request Chain 144

https://um.simpli.fi/intentiq HTTP 302
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 147

https://um.simpli.fi/dtnx HTTP 302
https://fei.pro-market.net/engine?du=24;csync=CF3A1C88B3994E7A8DA6C47F7321F72D;mimetype=img; HTTP 302
https://fei.pro-market.net/engine?du=24;csync=CF3A1C88B3994E7A8DA6C47F7321F72D;mimetype=img;sr HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MjExMzU5MzU5NTU0NTE0NDMzNw== HTTP 302
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEMvrUIvEyQfe4ncqb0PiwqU&google_cver=1

Request Chain 148

https://um.simpli.fi/exelatem HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=CF3A1C88B3994E7A8DA6C47F7321F72D&j=0 HTTP 302
https://loadm.exelator.com/load/?p=204&g=2191&simid=CF3A1C88B3994E7A8DA6C47F7321F72D&j=0&xl8blockcheck=1

Request Chain 150

https://um.simpli.fi/beachfront HTTP 302
https://sync.bfmio.com/sync?pid=141&uid=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 151

https://um.simpli.fi/bluekai HTTP 302
https://stags.bluekai.com/site/29931?id=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 152

https://um.simpli.fi/crwdcntrl HTTP 302
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CF3A1C88B3994E7A8DA6C47F7321F72D HTTP 302
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 153

https://um.simpli.fi/lj_match HTTP 302
https://ce.lijit.com/merge?pid=2&3pid=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 154

https://um.simpli.fi/liveramp_match HTTP 302
https://idsync.rlcdn.com/419566.gif?partner_uid=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 155

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1650312005006&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON HTTP 302
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=763512976&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=RcNdYvGNBt2O9fgP_ZSRmAo&sscte=1&crd= HTTP 302
https://www.google.com/pagead/1p-conversion/1026675585/?random=763512976&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RcNdYvGNBt2O9fgP_ZSRmAo&cid=CAQSKQCNIrLMKebJuwbGw4Neqd5muX_Wcml_9TcNaXg9x_3Uwbw7ZLBS46hP&random=2104498827 HTTP 302
https://www.google.de/pagead/1p-conversion/1026675585/?random=763512976&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RcNdYvGNBt2O9fgP_ZSRmAo&cid=CAQSKQCNIrLMKebJuwbGw4Neqd5muX_Wcml_9TcNaXg9x_3Uwbw7ZLBS46hP&random=2104498827&ipr=y&prhg=0

Request Chain 156

https://um.simpli.fi/spotx_match HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=CF3A1C88B3994E7A8DA6C47F7321F72D HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=CF3A1C88B3994E7A8DA6C47F7321F72D&__user_check__=1&sync_id=23e90a5a-bf52-11ec-bc75-14604df00306

Request Chain 157

https://um.simpli.fi/an HTTP 302
https://ib.adnxs.com/setuid?entity=66&code=CF3A1C88B3994E7A8DA6C47F7321F72D HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 158

https://um.simpli.fi/rb_match HTTP 302
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CF3A1C88B3994E7A8DA6C47F7321F72D&expires=365

Request Chain 159

https://um.simpli.fi/ox_match HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072966&val=CF3A1C88B3994E7A8DA6C47F7321F72D

Request Chain 160

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc HTTP 302
https://um.simpli.fi/g_match?id=&google_gid=CAESEAofmDv29nHeI4sSPC7JJuY&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF3A1C88B3994E7A8DA6C47F7321F72D HTTP 302
https://um.simpli.fi/g_match?id=

169 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request coyote_milkyway.html&lang=sp Show response
www.windows2universe.org/mythology/ 40 KB
41 KB 446ms
139ms Document
text/html 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache / PHP/5.5.38
Resource Hash: 4064f00ebcd7bba592f1fdddaae0f61bba5975bfafd0b6bc29654d625ae44220

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/html
date: Mon, 18 Apr 2022 20:00:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
x-powered-by: PHP/5.5.38

GET
H2 200 style_main.css
www.windows2universe.org/redesign/ 22 KB
23 KB 207ms
206ms Stylesheet
text/css 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/redesign/style_main.css
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: edaba74200deef32f7a4b762c277ebdc3c9947d6908d054e8314239d0c382ef2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Tue, 03 Dec 2013 23:26:06 GMT
server: Apache
accept-ranges: bytes
content-length: 22903
content-type: text/css

GET
H2 200 colorbox1.css
www.windows2universe.org/redesign/ 5 KB
5 KB 207ms
206ms Stylesheet
text/css 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/redesign/colorbox1.css
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 3abdf42fc8d5efa09059aceac49f90a364c2125a8af3fd06890ce0a770889381

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Wed, 24 Oct 2012 00:11:27 GMT
server: Apache
accept-ranges: bytes
content-length: 5008
content-type: text/css

GET
H2 200 horiz-nav.css
www.windows2universe.org/redesign/ 3 KB
3 KB 207ms
206ms Stylesheet
text/css 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/redesign/horiz-nav.css
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 579bc4adea57f3a03b323fbbeaa32979dac776934005ca7ca2c2a6ee3dbabdde

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Fri, 30 May 2014 19:07:09 GMT
server: Apache
accept-ranges: bytes
content-length: 2587
content-type: text/css

GET
H2 200 jquery.min.js Show response
www.windows2universe.org/JavaScript/ 93 KB
93 KB 207ms
206ms Script
application/javascript 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/JavaScript/jquery.min.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: ef66566d2af26e162baef41cdaaffa175265d3b44fe2bde2b1d874b0ed258e38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sat, 14 Feb 2015 22:18:35 GMT
server: Apache
accept-ranges: bytes
content-length: 94935
content-type: application/javascript

GET
H2 200 jquery.zrssfeed.min.js Show response
www.windows2universe.org/JavaScript/zrssfeed/ 4 KB
4 KB 207ms
206ms Script
application/javascript 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/JavaScript/zrssfeed/jquery.zrssfeed.min.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 2d211ba7d50b52f27e72efa6039ef173f10088be5828d24fc796405ded5c33b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Tue, 10 Feb 2015 00:21:04 GMT
server: Apache
accept-ranges: bytes
content-length: 3761
content-type: application/javascript

GET
H2 200 jquery.vticker.js Show response
www.windows2universe.org/JavaScript/zrssfeed/ 2 KB
2 KB 207ms
206ms Script
application/javascript 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/JavaScript/zrssfeed/jquery.vticker.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 6c2ef5f8b2cd3020f002b8b156df1bfc49265bb8a22d8e4a43d865c72eb4ef35

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Tue, 10 Feb 2015 00:21:04 GMT
server: Apache
accept-ranges: bytes
content-length: 1792
content-type: application/javascript

GET
H2 200 jquery.hoverIntent.minified.js Show response
www.windows2universe.org/redesign/hoverIntent/ 2 KB
2 KB 207ms
207ms Script
application/javascript 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/redesign/hoverIntent/jquery.hoverIntent.minified.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 5f3256e40bb12b17c6735ad618d5c809fd35ee237c9118633de33fa2b6deecc4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Mon, 23 Aug 2010 15:38:55 GMT
server: Apache
accept-ranges: bytes
content-length: 1606
content-type: application/javascript

GET
H2 200 jquery.colorbox.js Show response
www.windows2universe.org/redesign/ 25 KB
26 KB 207ms
207ms Script
application/javascript 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/redesign/jquery.colorbox.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 9c045c3bbf35955cb61448274ae428f1df5c56a188483ef0f0b88b1c5f4e81fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Tue, 12 May 2015 14:17:05 GMT
server: Apache
accept-ranges: bytes
content-length: 26017
content-type: application/javascript

GET
H2 200 win_main_jquery.js Show response
www.windows2universe.org/JavaScript/ 669 B
722 B 208ms
208ms Script
application/javascript 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/JavaScript/win_main_jquery.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: d86f1e2508820eb7b58047a9248e8af57d5d9e07eadcae2f8b9a1cc5a5c79076

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Mon, 25 May 2015 00:38:56 GMT
server: Apache
accept-ranges: bytes
content-length: 669
content-type: application/javascript

GET
H2 200 print.css
www.windows2universe.org/redesign/ 1 KB
1 KB 236ms
234ms Stylesheet
text/css 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to

Full URL: https://www.windows2universe.org/redesign/print.css
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 85576c0a7221d9cc35b8c28768c64e161cd4a436636965fb4a1b93b3cf708392

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sun, 14 Nov 2010 21:17:35 GMT
server: Apache
accept-ranges: bytes
content-length: 1178
content-type: text/css

GET bootstrap.js
c.compete.com/bootstrap/s/1d3a8cb11daf54e5c6ac580623fdf64c/windows2universe-org/ 0
0

GET
H2 200 logo_sp.gif
www.windows2universe.org/images/ 7 KB
8 KB 137ms
137ms Image
image/gif 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/images/logo_sp.gif
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 2ed88dc1fd1ea62fe8d57f584b4125831229f94ff9a7a9103db12c8fa1b984f0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Mon, 30 Aug 2010 15:02:48 GMT
server: Apache
accept-ranges: bytes
content-length: 7652
content-type: image/gif

GET
H2 200 language_sp.gif
www.windows2universe.org/redesign/ 2 KB
2 KB 133ms
130ms Image
image/gif 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/redesign/language_sp.gif
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: f9087ac7d22dd75cc18e8a7ae72e04984c7395b6bc92819c79e0b3d09db6ef55

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Fri, 30 Jul 2010 02:28:32 GMT
server: Apache
accept-ranges: bytes
content-length: 1654
content-type: image/gif

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/250/ 353 KB
114 KB 131ms
30ms Script
application/javascript 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/250/addthis_widget.js

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-170.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

aad2b6d960df65a46563c335ca5dbf6f4da009ef0c0e3c6728d7c3173958349f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Mon, 18 Apr 2022 20:00:03 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H2 200 coyote_sm.jpg
www.windows2universe.org/mythology/images/ 16 KB
16 KB 134ms
129ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/mythology/images/coyote_sm.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 5e11460dbd398613c4a9f5ea381c7e4bedba60a97dcbad973f007ae9e3337f26

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sat, 16 Sep 2000 22:45:05 GMT
server: Apache
accept-ranges: bytes
content-length: 16476
content-type: image/jpeg

GET
H2 200 10_2006_5.jpg
www.windows2universe.org/newsletters/images/ 4 KB
4 KB 134ms
129ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/newsletters/images/10_2006_5.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 6096663b5f8e117be1e54c224af1624a4fb08245914e6d6940003f8a535e1780

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Thu, 28 Sep 2006 16:44:59 GMT
server: Apache
accept-ranges: bytes
content-length: 3608
content-type: image/jpeg

GET
H2 200 11_2006_6.jpg
www.windows2universe.org/newsletters/images/ 26 KB
26 KB 134ms
130ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/newsletters/images/11_2006_6.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: da7e7af997544d4978478262acb934fa42edac627b3a06fb8fe40bfbd83ac6f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Thu, 26 Oct 2006 00:54:44 GMT
server: Apache
accept-ranges: bytes
content-length: 26135
content-type: image/jpeg

GET
H2 200 4_2009_Corner3.jpg
www.windows2universe.org/newsletters/images/ 14 KB
14 KB 134ms
129ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/newsletters/images/4_2009_Corner3.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: d7e4910b3f2fc40786be72fd0f7afda7086062b1d0454c8a6d648b7802091dcd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Fri, 20 Mar 2009 20:46:15 GMT
server: Apache
accept-ranges: bytes
content-length: 14386
content-type: image/jpeg

GET
H2 200 earthatm_atmoptics.jpg
www.windows2universe.org/images/icons/ 17 KB
17 KB 134ms
129ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/images/icons/earthatm_atmoptics.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 05b560ab56271abfee4553e439a6efdec2fdc1d28f14186524fab5882121ec50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Thu, 05 Aug 2010 20:10:47 GMT
server: Apache
accept-ranges: bytes
content-length: 17334
content-type: image/jpeg

GET
H2 200 teacher_newsletter.jpg
www.windows2universe.org/images/icons/ 21 KB
21 KB 135ms
131ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/images/icons/teacher_newsletter.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 2c25517a57ed3ca89bcf0ecf539c6b232555a1530946ee91b2a273c8a2bfcb73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Tue, 24 Aug 2010 01:54:19 GMT
server: Apache
accept-ranges: bytes
content-length: 21206
content-type: image/jpeg

GET
H2 200 schools_aboutsciedu.jpg
www.windows2universe.org/images/icons/ 20 KB
21 KB 136ms
131ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/images/icons/schools_aboutsciedu.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 7850f5162307188cc001805fc7ef09291bccd1cc1453310ab71a0a93dbc3b17c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sun, 29 Aug 2010 01:35:00 GMT
server: Apache
accept-ranges: bytes
content-length: 20890
content-type: image/jpeg

GET
H2 200 xctmpi2orCg.png
www.windows2universe.org/store/images/T/ 32 KB
32 KB 140ms
135ms Image
image/png 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/store/images/T/xctmpi2orCg.png
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 31af3c58ad1d258a9b83a7e2f099895b98eb42c95ff4dd775f6bda5ea67de23e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Mon, 19 Mar 2012 01:17:23 GMT
server: Apache
accept-ranges: bytes
content-length: 32555
content-type: image/png

GET
H2 200 ahsonnutli.jpg
www.windows2universe.org/mythology/images/ 11 KB
11 KB 235ms
231ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/mythology/images/ahsonnutli.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: b5cfb5f412d44a72b9dc9b092eb32062200f5c3c56aada240cee84d145426eab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sat, 16 Sep 2000 22:41:13 GMT
server: Apache
accept-ranges: bytes
content-length: 10868
content-type: image/jpeg

GET
H2 200 amphitrite_sm.jpg
www.windows2universe.org/mythology/images/ 43 KB
44 KB 236ms
232ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/mythology/images/amphitrite_sm.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 7cfe24f5bdcac4e32babe5dc529992067ee6778aba29bd7019173efcd25bb2e8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sat, 16 Sep 2000 22:41:27 GMT
server: Apache
accept-ranges: bytes
content-length: 44443
content-type: image/jpeg

GET
H2 200 symposium_gods_sm.jpg
www.windows2universe.org/mythology/images/ 39 KB
39 KB 237ms
233ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/mythology/images/symposium_gods_sm.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: b009f040ed0a69d8e5a04e722de3cda12c132d4544c441570046b91ab275f14c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sat, 16 Sep 2000 22:56:10 GMT
server: Apache
accept-ranges: bytes
content-length: 39816
content-type: image/jpeg

GET
H2 200 primavera_sm.gif
www.windows2universe.org/mythology/images/ 48 KB
48 KB 237ms
233ms Image
image/gif 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/mythology/images/primavera_sm.gif
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 62532bf264b927bbf8dea81fbcd94d069c1f536446cfdaf4e3cf6032ba13c6a8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sat, 16 Sep 2000 22:54:45 GMT
server: Apache
accept-ranges: bytes
content-length: 49117
content-type: image/gif

GET
H2 200 cancer_sm.jpg
www.windows2universe.org/mythology/images/ 59 KB
59 KB 236ms
232ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/mythology/images/cancer_sm.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: cfb1b78204132272b5f0dd5fd971b828918252563e2eeaedb489bfb8ce90529f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sat, 16 Sep 2000 22:43:41 GMT
server: Apache
accept-ranges: bytes
content-length: 59961
content-type: image/jpeg

GET
H2 200 perseus_constellation_sm.jpg
www.windows2universe.org/mythology/images/ 36 KB
37 KB 238ms
234ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/mythology/images/perseus_constellation_sm.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: edc2c81d24fe484d31a9017e87f607e90a78a8c83128b6b00b3c897754322b90

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Sat, 16 Sep 2000 22:54:00 GMT
server: Apache
accept-ranges: bytes
content-length: 37319
content-type: image/jpeg

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 154 KB
54 KB 99ms
72ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b30038ff51590d98c5560f6925bc1a5e4e6296b29e1cfced2316c7bbdb6000d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54245
x-xss-protection: 0
server: cafe
etag: 8196084950581179123
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 20:00:03 GMT

GET
H2 200 sponsors1.jpg
www.windows2universe.org/redesign/ 3 KB
3 KB 237ms
233ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/redesign/sponsors1.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: f7afd4eab4a7b7c8879e482ade374aa201e6a487053da9d6b5ef1c8fa2ee3d38

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Wed, 27 Aug 2014 04:12:55 GMT
server: Apache
accept-ranges: bytes
content-length: 2842
content-type: image/jpeg

GET
H2 200 sponsors2.jpg
www.windows2universe.org/redesign/ 5 KB
5 KB 237ms
233ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/redesign/sponsors2.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: cdb099d5f363aaa9f0206eb50506ee62861cd77d5a1970f36f8a55f8d4eb4d8d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Wed, 27 Aug 2014 04:16:49 GMT
server: Apache
accept-ranges: bytes
content-length: 4716
content-type: image/jpeg

GET
H2 200 dpx.js Show response
i.simpli.fi/ 3 KB
4 KB 87ms
25ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/dpx.js?cid=1543&action=100&segment=MW-NESTAweb&m=1

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 18 Apr 2022 20:00:03 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, private, must-revalidate, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 3095
x-request-id: FucWBhiO-s0GlotYMhih
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

404

404error.php
www.windows2universe.org/php/
Redirect Chain

https://www.windows2universe.org/bug/mythology/coyote_milkyway.html&lang=sp
https://www.windows2universe.org/php/404error.php

34 KB
34 KB

199ms
199ms

Image
text/html

69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/php/404error.php
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache / PHP/5.5.38
Resource Hash: 7d9cb37caa42884ecf576d900ed098198383466e3f19ee270e50207e9d32452e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:04 GMT
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT
server: Apache
x-powered-by: PHP/5.5.38
content-type: text/html

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:03 GMT
server: Apache
x-powered-by: PHP/5.5.38
content-type: text/html
location: /php/404error.php
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET 1ctW8Bo
bit.ly/ 0
0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 83 KB
29 KB 40ms
14ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6447b819f1671061eaef6eb9a388b162c8714aed75720e7e4a579f738e30cb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28592
x-xss-protection: 0
server: sffe
etag: "1190 / 939 of 1000 / last-modified: 1650280021"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Mon, 18 Apr 2022 20:00:03 GMT

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 26ms
8ms Script
application/javascript 99.86.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-34.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 02:43:38 GMT
content-encoding: gzip
etag: W/"1827f116c73f319409b97f10b8a58ade"
last-modified: Fri, 26 Feb 2021 14:35:05 GMT
server: AmazonS3
age: 62195
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: e4AHc9PEoJgLQIXLHh3LLy62C_85Ya-D2T8-46GdiA6fCCrSxdyeDw==

GET
H2 200 ados.js Show response
engine.multiview.com/ 37 KB
10 KB 390ms
95ms Script
application/javascript 23.23.134.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.multiview.com/ados.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.134.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-134-191.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Tue, 22 Mar 2022 19:56:51 GMT
server: nginx/1.18.0 (Ubuntu)
etag: W/"623a2a03-9238"
content-type: application/javascript

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 32ms
6ms Script
text/javascript 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3125
date: Mon, 18 Apr 2022 19:07:58 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Mon, 18 Apr 2022 21:07:58 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 6172
date: Mon, 18 Apr 2022 18:17:11 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Mon, 18 Apr 2022 20:17:11 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 62ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 25 Apr 2022 20:00:03 GMT

GET
H2 200 all.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

641f86461a1b1ed278ca18cc153edbdcab2cad79d146baf07c8c441e7ded3503

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: a0hXVwDfIpmNyfWBzIgSSg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: B7qpNRhWdACIGtlJsSuUsWHSl+kTlJl7ONPYeDDa2CQM/797nbu9JeWjtfhGSrihhB9o1xjSQGzP8bKwX1IjVg==
x-fb-trip-id: 686109401
x-fb-content-md5: f98643760fb3a17121abeed99fcab3fa
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 18 Apr 2022 20:00:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
etag: "6470047e32db33c4c5580933a2764bbd"
timing-allow-origin: *
priority: u=3,i
expires: Mon, 18 Apr 2022 20:19:34 GMT

GET
H2 200 earth_background.jpg
www.windows2universe.org/redesign/ 99 KB
100 KB 232ms
231ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/redesign/earth_background.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/redesign/style_main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: f35c450b1d2e0a0a60ade72a601c8282fb43e6b37330c2948d5e6413227e0eb3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/redesign/style_main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Fri, 20 Sep 2013 17:05:05 GMT
server: Apache
accept-ranges: bytes
content-length: 101784
content-type: image/jpeg

GET
H2 200 dots.gif
www.windows2universe.org/redesign/ 500 B
552 B 231ms
231ms Image
image/gif 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/redesign/dots.gif
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/redesign/style_main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: ad12953f985aedeafb10735b915e498cc08b4b048729c1af1bdf74b73668de78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/redesign/style_main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Tue, 13 Jul 2010 22:00:17 GMT
server: Apache
accept-ranges: bytes
content-length: 500
content-type: image/gif

GET
H2 200 bglinks_main.gif
www.windows2universe.org/redesign/ 612 B
664 B 231ms
231ms Image
image/gif 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/redesign/bglinks_main.gif
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/redesign/horiz-nav.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: 2fc3c66638d98c642cd16af118f2c4478703746dced8fa304c78ed1bbe6e3e08

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/redesign/horiz-nav.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Fri, 27 Aug 2010 19:04:06 GMT
server: Apache
accept-ranges: bytes
content-length: 612
content-type: image/gif

GET
H2 200 share.jpg
www.windows2universe.org/redesign/ 675 B
728 B 225ms
225ms Image
image/jpeg 69.167.170.156
LIQUIDWEB

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.windows2universe.org/redesign/share.jpg
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/redesign/style_main.css
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 69.167.170.156 , United States, ASN32244 (LIQUIDWEB, US),
Reverse DNS: host.windows2universe.org
Software: Apache /
Resource Hash: f6b23c275a7f500e3d806f994bc27687e90c3038f427d12fff8db0c2a7d5e513

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/redesign/style_main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Tue, 13 Jul 2010 23:22:52 GMT
server: Apache
accept-ranges: bytes
content-length: 675
content-type: image/jpeg

GET
H3 200 all.js Show response
connect.facebook.net/en_US/ 289 KB
82 KB 17ms
8ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/all.js?hash=347bc04a6145cc64c51a15727ea4d6f8

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d9ac5a66638127e9742b09bdf7e22c1d2bf5faf2e38ea98c6340f1cfa1175835

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.windows2universe.org/
Origin: https://www.windows2universe.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
content-md5: edD30C95lFn8/EJd2Nnr9A==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 84310
x-fb-rlafr: 0
x-fb-debug: hqaTO8TavAgDFn+HJfcfLQOzJbvGAI7QJPEzKxBgSBNU+TnPf3FlKASmjNi6u60SOF2gF0+BZUjxV+OMVuLRNA==
x-fb-content-md5: 62525ca3f4b1039c2e58a482de6bb1e9
x-frame-options: DENY
date: Mon, 18 Apr 2022 20:00:03 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
etag: "18f23bc0dc143eed5b136f797c8b9950"
timing-allow-origin: *
priority: u=3,i
expires: Tue, 18 Apr 2023 19:01:26 GMT

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&c2=6035233&ns__t=1650312003849&ns_c=windows-1252&cv=3.5&c8=Coyote%20-%20Ventanas%20al%20Universo&c7=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyo...
https://sb.scorecardresearch.com/b2?c1=2&c2=6035233&ns__t=1650312003849&ns_c=windows-1252&cv=3.5&c8=Coyote%20-%20Ventanas%20al%20Universo&c7=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoy...

0
188 B

7ms
6ms

Image
text/plain

99.86.7.34
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035233&ns__t=1650312003849&ns_c=windows-1252&cv=3.5&c8=Coyote%20-%20Ventanas%20al%20Universo&c7=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&c9=
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Server: 99.86.7.34 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-7-34.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: hGCsxetQmugpJLl2utTyzPQc0pI3r5sP6llBQcHQFsI4bW_WL9byUg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c1=2&c2=6035233&ns__t=1650312003849&ns_c=windows-1252&cv=3.5&c8=Coyote%20-%20Ventanas%20al%20Universo&c7=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&c9=
date: Mon, 18 Apr 2022 20:00:03 GMT
via: 1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: lcNcY3fe4nFByoeyMA1QvLAkUA-VJU-CpItlvQaVE-pdvNfmUdRt3A==
x-cache: Miss from cloudfront

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1411396568&t=pageview&_s=1&dl=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&ul=en-us&de=windows-1252&dt=Coyote%20-%20Ventanas%20al%20Universo&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABCAAAAC~&jid=1653373936&gjid=577187113&cid=2089032751.1650312004&tid=UA-5033010-1&_gid=1150495605.1650312004&_r=1&_slc=1&z=518085760

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.windows2universe.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.windows2universe.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 29ms
14ms Image
image/gif 2a00:1450:4001:80f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=892336417&utmhn=www.windows2universe.org&utmcs=windows-1252&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Coyote%20-%20Ventanas%20al%20Universo&utmhid=1411396568&utmr=-&utmp=%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&utmht=1650312003891&utmac=UA-8361503-3&utmcc=__utma%3D154809790.2089032751.1650312004.1650312004.1650312004.1%3B%2B__utmz%3D154809790.1650312004.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1643145889&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAABAAAE~

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2022041201.js Show response
securepubads.g.doubleclick.net/gpt/ 369 KB
126 KB 37ms
6ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

sffe /

Resource Hash

ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 17:52:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7649
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 127945
x-xss-protection: 0
last-modified: Tue, 12 Apr 2022 08:36:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Apr 2023 17:52:34 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 87 B
716 B 51ms
22ms XHR
application/json 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.windows2universe.org

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

c9d96580cfced42e0bdf0b99f2b84c18d575eacbb661bce8578a2bb7b4dacafe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 20:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 80
x-xss-protection: 0
expires: Mon, 18 Apr 2022 20:00:03 GMT

GET
H2 200 rules-p-674DE8hxF_rfA.js Show response
rules.quantcount.com/ 3 B
439 B 31ms
7ms Script
application/javascript 2600:9000:223c:1a00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-674DE8hxF_rfA.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:1a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 07:25:22 GMT
via: 1.1 6faa38f38a1fee24a829fec7c748876c.cloudfront.net (CloudFront)
age: 45282
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 20:03:45 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-P2
accept-ranges: bytes
x-amz-cf-id: DZEoF8lvtk9lj4YJNzT-BhuhzAWj3W2SqWYpcVE7sF_HdLPAKNbNSA==

GET
H2 200 status
www.facebook.com/x/oauth/ 0
0 54ms
35ms Fetch
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/x/oauth/status?client_id=379806758743145&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&sdk=joey&wants_cookie_data=false

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/all.js?hash=347bc04a6145cc64c51a15727ea4d6f8

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: U7iFF2VLLQb2kFTuzGYHbuAzxQgvwTTP375WHeDL+eZCOFNWSqU2zRB7rDpy6g8Ah4Wgq6Wpv5Niu6izNrmZBg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
fb-s: unknown
date: Mon, 18 Apr 2022 20:00:03 GMT
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.windows2universe.org
access-control-expose-headers: fb-s
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 pixel;r=1886198775;rf=0;a=p-674DE8hxF_rfA;url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp;uht=2;fpan=1;fpa=P0-850126228-1650312003948;pbc=;ns=0;ce=1;qjs=1;...
pixel.quantserve.com/ 35 B
371 B 27ms
15ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1886198775;rf=0;a=p-674DE8hxF_rfA;url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp;uht=2;fpan=1;fpa=P0-850126228-1650312003948;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=windows2universe.org;je=0;sr=1600x1200x24;dst=0;et=1650312003947;tzo=0;ogl=

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:03 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 125ms
40ms Script
application/x-javascript 2.20.157.238
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.20.157.238 Milan, Italy, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-157-238.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: 45EED864711A619E
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=51761
accept-ranges: bytes
content-length: 948
x-amz-id-2: 6A9pVmW8y8aTdybVpxpT5jqSXDHjLXIW1mfSZXu3pRcgpvl2LsGORCbBv0W7aRgfRtAV1dZmxOQ=

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 40ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.windows2universe.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 39ms
15ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windows2universe.org

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 216 KB
31 KB 627ms
612ms XHR
text/plain 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3634674440186744&correlator=2647426673665715&eid=31064226&output=ldjh&gdfp_req=1&vrg=2022041201&ptt=17&impl=fifs&iu_parts=2612394%2C156x192_rectangle%2C156x90_bottom_left%2C156x90_bottom_right%2C156x90_top_left%2C156x90_top_right%2Cbottom_leaderboard%2Ccontent_rectangle%2Cleft_skyscraper%2Cright_skyscraper%2Ctop_leaderboard%2CLarge_rectangle&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11&prev_iu_szs=156x192%2C156x90%2C156x90%2C156x90%2C156x90%2C728x90%2C300x250%2C160x600%2C160x600%2C728x90%2C336x280&ifi=1&adks=207834321%2C2835494755%2C2266657718%2C2034829264%2C1375536342%2C2296826738%2C312258091%2C2676734165%2C1401596749%2C228854748%2C1280491252&sfv=1-0-38&ecs=20220418&fsapi=false&sc=1&cookie_enabled=1&abxe=1&dt=1650312004062&lmt=1650312004&dlt=1650312003366&idt=617&biw=1600&bih=1200&adxs=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C294%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C539%2C-9%2C-9%2C-9&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C160x600%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C160x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2%2C2%2C2%2C2%2C0%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=true&btvi=-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C0%7C-1%7C-1%7C-1&nvt=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

f9c00cac4a6a4ece76796facc4f0bcb533542cdd68352bfbd56b2f7fc414c66e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31510
x-xss-protection: 0
google-lineitem-id: 2939834,1884074,1884314,-2,-2,-2,2757314,-1,-2,2750114,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 8808086114,5784313394,5784314474,-2,-2,-2,8366367914,-1,-2,8342441234,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.windows2universe.org
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D7A2 6 KB
4 KB 65ms
17ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:00:04 GMT
expires: Tue, 18 Apr 2023 20:00:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 like.php Show response
www.facebook.com/plugins/ Frame EA8C 46 KB
14 KB 170ms
161ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.windows2universe.org/mythology/coyote_milkyway.html&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=325911867506691

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d63da2e49d2fd98990a5c28526a97860a20587e6f61e9ff4947db794d77ac9e6

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d-test.facebook.com/ wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
content-type: text/html; charset="utf-8"
cross-origin-opener-policy: unsafe-none
date: Mon, 18 Apr 2022 20:00:04 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
pragma: no-cache
priority: u=0
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: dET7yhI21cmv4OYGbp0XTIWAR0kD6NkoFPVd8HIT/QZntvbLXCT6IKVWNqEhPiJ/PuVyPvZNZ76GSOuE0TqWyg==
x-fb-rlafr: 0
x-xss-protection: 0

GET glammedia_logo.js
www8.glam.com/js/widgets/ 0
0

GET
H3 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/ 303 KB
108 KB 49ms
34ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7815427952014216&plah=www.windows2universe.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dfabf314eb290e1380ca49411f6ca0fa0afb2498026179891f48bbc1932c29aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 110916
x-xss-protection: 0
server: cafe
etag: 710648751966408698
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 18 Apr 2022 20:00:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/ Frame 7BAF 10 KB
5 KB 35ms
6ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220413/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 17 Apr 2022 21:31:59 GMT
etag: 14837630671339829333
expires: Sun, 01 May 2022 21:31:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET load
ajax.googleapis.com/ajax/services/feed/ 0
0

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/xa-4c44c1d374d06de9/ 27 B
207 B 634ms
626ms Script
application/javascript 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/xa-4c44c1d374d06de9/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
content-disposition: attachment; filename=1.txt
cache-control: public, max-age=58, s-maxage=86400
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 91 B
251 B 691ms
276ms Script
application/javascript 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=625dc3448e8aaa47&bkl=0&bl=1&pdt=561&sid=625dc3448e8aaa47&pub=xa-4c44c1d374d06de9&rev=v8.28.8-wp&ln=es&pc=men&cb=0&ab=-&dp=www.windows2universe.org&fp=mythology%2Fcoyote_milkyway.html%26lang%3Dsp&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=windows-1252&colc=1650312004189&jsl=4257&uvs=625dc344c3397a13000&skipb=1&callback=addthis.cbs.jsonp__0376310808437529950
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-170.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: f4e94abb6f76a388583d4a1fe4d4a90f95e371ba7e6b37615cd4623e3b7d6a74

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:04 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 91
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame B3E5 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame CD3B 71 KB
26 KB 39ms
38ms Document
text/html 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-170.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=86313600
content-encoding: gzip
content-length: 26421
content-type: text/html
date: Mon, 18 Apr 2022 20:00:04 GMT
etag: W/"5f971164-11adc"
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
p3p: CP="NON ADM OUR DEV IND COM STA"
server: nginx/1.15.8
strict-transport-security: max-age=15724800; includeSubDomains
timing-allow-origin: *
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H2 200 client.es.min.json Show response
s7.addthis.com/l10n/ 4 KB
2 KB 97ms
27ms XHR
application/json 2.18.232.170
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/l10n/client.es.min.json

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/250/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.232.170 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-232-170.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

007276382e4e3f77c660fb7488fec524a21f7893a736db96dca415012a25075e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 15:15:17 GMT
server: nginx/1.15.8
etag: W/"5d77be05-e9d"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
cache-control: public, s-maxage=604800
date: Mon, 18 Apr 2022 20:00:04 GMT
x-host: s7.addthis.com
timing-allow-origin: *
content-length: 1753

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 224 B
423 B 16ms
16ms Script
text/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.windows2universe.org&callback=_gfp_s_&client=ca-pub-7815427952014216

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204140101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7815427952014216&plah=www.windows2universe.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

7700f3853a3e280c99c49e25d14b0f91fbf4f78940f7d9f9514d004d0a7de32f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 208
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 33ms
19ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.windows2universe.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 31ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.windows2universe.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 398F 23 KB
10 KB 250ms
235ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=600&slotname=2289166236&adk=1136797986&adf=110671561&pi=t.ma~as.2289166236&w=160&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004134&bpp=5&bdt=769&idt=103&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1137718152227&frm=20&pv=2&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1138&ady=308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=KvMFhYGEXR&p=https%3A//www.windows2universe.org&dtd=120

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7bc5bc2886bd94371d1bbc5f7695fd6b93cf084fe23829476ffd62601aeef55

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9771
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:00:04 GMT
expires: Mon, 18 Apr 2022 20:00:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A3B6 87 KB
32 KB 552ms
552ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=280&slotname=9237717968&adk=2724253716&adf=3745365657&pi=t.ma~as.9237717968&w=728&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004139&bpp=1&bdt=773&idt=129&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1137718152227&frm=20&pv=1&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1692&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=yulEFAAaSi&p=https%3A//www.windows2universe.org&dtd=133

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d72baf843ad0871b37bfce6742b9d13f2d246b74f57bce146af910c128cda4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 32354
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:00:04 GMT
expires: Mon, 18 Apr 2022 20:00:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 396A 10 KB
4 KB 177ms
176ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&adk=1812271804&adf=3025194257&lmt=1650312004&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&plas=277x1080_l%7C294x1080_r&format=0x0&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004193&bpp=1&bdt=827&idt=91&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C728x280&nras=1&correlator=1137718152227&frm=20&pv=1&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=14&uci=a!e&fsb=1&dtd=104

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5014787a190348583c48577dcd9bbee6dd619ec401cc2b2f039aa6968450d3e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 4290
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:00:04 GMT
expires: Mon, 18 Apr 2022 20:00:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 OqOE21UvWe3.png
static.xx.fbcdn.net/rsrc.php/v3/y5/r/ Frame EA8C 400 B
645 B 7ms
7ms Image
image/png 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Fwww.windows2universe.org/mythology/coyote_milkyway.html&send=false&layout=button_count&width=100&show_faces=false&action=like&colorscheme=light&font&height=21&appId=325911867506691

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
x-content-type-options: nosniff
content-md5: uF0RL4E+h23ClLQmPOTTMw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 400
x-fb-rlafr: 0
x-fb-debug: 8oby2aiNx8KQ5jQ7U1KIzEZhKl8UMnSvb6J1amwCY0XD0kzowF96VALvb1/B8R8wdSsEZ9kRAdSAH/I3T0n1sQ==
x-fb-trip-id: 686109401
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Sun, 09 Apr 2023 04:50:30 GMT

GET
H3 200 BZAWbnRVeZ1.js Show response
static.xx.fbcdn.net/rsrc.php/v3iAxA4/y-/l/de_DE/ Frame EA8C 524 KB
137 KB 7ms
6ms XHR
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3iAxA4/y-/l/de_DE/BZAWbnRVeZ1.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2bf17d62ecb410efcb1a43f30e8bc759767b9772a82f66cc52f548309efc8586

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.facebook.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: DJK/N/o3cTkoVB4DSn0a0Q==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 139745
x-fb-rlafr: 0
x-fb-debug: FLGRlqNvtyardzyioEPIL7Vysj5rQ1YTFOh+xdtvJLPaBwly4HF75Q5wXdn0u+F2VGbcjAxTTu7PFhmEMAhLkQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://www.facebook.com
cache-control: public,max-age=31536000,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 14 Apr 2023 19:13:41 GMT

GET
H2 200 ados Show response
engine.multiview.com/ 2 KB
1 KB 107ms
106ms Script
application/javascript 23.23.134.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://engine.multiview.com/ados?t=1650312004327&request=%7B%22Placements%22%3A%5B%7B%22A%22%3A4466%2C%22S%22%3A54248%2C%22D%22%3A%22mvBoxAd%22%2C%22AT%22%3A1453%2C%22Z%22%3A%5B55869%5D%7D%5D%2C%22Keywords%22%3A%22undefined%22%2C%22Referrer%22%3A%22%22%2C%22IsAsync%22%3Atrue%7D
Requested by: Host: engine.multiview.com
URL: https://engine.multiview.com/ados.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.134.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-134-191.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: 9331eb7e85a74202ac9bed8a0caf090a18822dc4c3e9b7075027dbef8cf54f05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"915-ikvPpvccVZJocz0vhN8j2HkoaZ4"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: application/javascript; charset=utf-8
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
x-served-by: bifrost-production-shard001-us-east-1a-i-0b5c39bff2ea08c8b

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 398F 3 KB
1 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=600&slotname=2289166236&adk=1136797986&adf=110671561&pi=t.ma~as.2289166236&w=160&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004134&bpp=5&bdt=769&idt=103&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1137718152227&frm=20&pv=2&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1138&ady=308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=KvMFhYGEXR&p=https%3A//www.windows2universe.org&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 19:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 19:54:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 398F 119 KB
36 KB 40ms
26ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 20:00:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 398F 15 KB
7 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 19:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 19:58:10 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 398F 0
0 48ms
48ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWkKwRMNdYrD2EaaO7_UPlKal4A7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPqgDAaoE8wFP0L0J6VwbM7Nzc8fqqHm_dKcf3mnJCgeWGdO1g0O89CJ-bn_BqxiKfyiuCq72qMUZSYD8bkeKeBwOu2hFxdNI6BU4VMBv0AbH_LpqAXr17oXDZUJ0FI5kFd4hdo3spfGypcB2_-vs-mXwQblt7adsMHG8fS6POJmMPVkuGC4GNOqeDopb_rwiblBt5AZv6s7uNp_EB7mywlpk4_SGVsSECvZavZWhFsgfC1uIK86_6mS4wdZttStTg9Vn4f8mZ_lKgkijd1tOyz3aaIOJjaa8HWL__1Dr0zPZTRkQHHl4Wr_8cBAFvz_Ojz0PC6sCB5N6HoCABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc4MTU0Mjc5NTIwMTQyMTYYAA&sigh=s_Nom9OF8Co&uach_m=[UACH]&cid=CAQSGwCNIrLM2cZ13jTYw0kga2CXafabM5nEhvcoIxgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=600&slotname=2289166236&adk=1136797986&adf=110671561&pi=t.ma~as.2289166236&w=160&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=160x600&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004134&bpp=5&bdt=769&idt=103&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&correlator=1137718152227&frm=20&pv=2&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1138&ady=308&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=12&uci=a!c&fsb=1&xpc=KvMFhYGEXR&p=https%3A//www.windows2universe.org&dtd=120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Apr 2022 20:00:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Mon, 18 Apr 2022 20:00:04 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 398F 0
0 83ms
51ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U-b8ENyBMKAB2ASdg2ICAgAAAC_t_ET2VNb5QmPfCTu--TwQQ8NdYhzghHjVwUXLILtwABI&wp=Yl3DRAAEezAIu8cmAAlTFHMY8ffL7tU_QEn8kw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 227517
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame C0E8 167 KB
53 KB 195ms
166ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yl3DRAAEezAIu8cmAAlTFHMY8ffL7tU_QEn8kw&u=%7CILtxJKbxgfQpMJTaeyZlouuyJxQq3pUdFxIsQWsF%2Ffk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWZThCef16kqGZ9KRqhVVTcs1Ql9-O4vYSKkC2iLJ5j8gzdOtV_rhlKmYEEuZiIFGKJsCVVhAfPibeBzsexvxvgsX5YfCpeso6K3HKUEraWhPfRkVku4vCKrunYbDbshtAf6ZG4CVOQJmbGifWc5jMyO0PMr-fFWH8RheV8wQXnZh7bkfdeKmjKKmCla5dkY6iSmpww66OxOSn7WnIzO5GBo-GcbPN88bLOs9AWo_M4rsGwd2g2U0Xw33B_Fhnhwmupxx3VafaNqxkZ8wyEdbQtUe515if9IhXPZ6J8gV10BcBUivEXsMktNqfe-lYf6ZDhAyTC88alVepkfjJ9i8LbLZ0sq6L2b5HaMGhSnA0bDGOW5xzbXIs3SVNMxUkDSpDDJlZ6fdYQoCd6aAnhXjqJq8sEQbsj3nY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt64lRMNdYrD2EaaO7_UPlKal4A7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPqgDAaoE9gFP0L0J6VwbM7Nzc8fqqHm_dKcf3mnJCgeWGdO1g0O89CJ-bn_BqxiKfyiuCq72qMUZSYD8bkeKeBwOu2hFxdNI6BU4VMBv0AbH_LpqAXr17oXDZUJ0FI5kFd4hdo3spfGypcB2_-vs-mXwQblt7adsMHG8fS6POJmMPVkuGC4GNOqeDopb_rwiblBt5AZv6s7uNp_EB7mywlpk4_SGVsSECvZavZWhFsgfC1uIK86_6mS4wdZttStTg9Vn4f8mZ_lKgkijd1tOyz3aaIOJz6Sdj-VwY0NUTyd6nSS25HBsUAn2XgiHC_fzKc-wFYcagjn-DT_Gt5CABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ah_s74CeYU16lhZ68aus9rfVRpw%26client%3Dca-pub-7815427952014216%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

694bace268fdfb158ad1e284bf342ab8a525cea66bf0bbfad6afb027dbb26c97

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:00:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=9xRY1hUzRS9wuXI6Kj9VgqCT_m08NdFrTIHr0Ht6vXprRfxJQQA6_8_scflb3yJZ46UmElct1W5MrJ-YHWsnmS33nfqpbg5ukpaJAXW5CSw9RBjZ5eQ2hrPC1CBf4akk6YcwwQiy1smUhaMvmGDNwhzVlsCyHcsAAnzNj4D_qYOblFPR5-N6bVm4cDZ80KHMdc4GipkvInnAX5rTjBy0NgjB7PvfapcZuuWNkDXOMJcRyRywBb6mQjqvIpN4VFBcGYl4_g"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 144853474
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 a323e5842171467ebfffd0dcf6a16abe.gif
s.zkcdn.net/Advertisers/ 33 KB
34 KB 40ms
12ms Image
image/gif 13.225.80.89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.zkcdn.net/Advertisers/a323e5842171467ebfffd0dcf6a16abe.gif
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.80.89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-80-89.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 9d31b69298cad4866d2a1af53f0adbc928395152d30e296f95f43d1d8d9877b1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 15 Feb 2022 03:55:44 GMT
via: 1.1 d9bf8acc1da383db4531789bbb03ac06.cloudfront.net (CloudFront)
last-modified: Thu, 04 Dec 2014 23:32:58 GMT
server: AmazonS3
age: 5414661
etag: "e8d7264f5d6a115308d0c9c067c11d30"
x-cache: Hit from cloudfront
x-amz-version-id: null
cache-control: max-age=31556926
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-type: image/gif
content-length: 34182
x-amz-cf-id: cfuh_EdADjTQR-2VN4jqIcbFjRnDUaQlkWDgoTKw_2cThcv-y5VS5A==
expires: Mon, 18 Dec 2023 19:14:51 GMT

GET
H2 200 i.gif
engine.multiview.com/ 43 B
498 B 102ms
101ms Image
image/gif 23.23.134.191
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://engine.multiview.com/i.gif?e=eyJ2IjoiMS4xMCIsImF2Ijo0MzQyMCwiYXQiOjE0NTMsImJ0IjowLCJjbSI6NjQyNzksImNoIjoxNDY1MSwiY2siOnt9LCJjciI6MjAxNTc5LCJkaSI6IjEzMjk3N2I2OWRmYTRjZGQ5NDM5ZWM1ZmIzYzY1NzI0IiwiZGoiOjAsImlpIjoiNDI4MzU5NjYxNzA3NGFhYWFmNGQ3YzliYWY4MmFjMTciLCJkbSI6MSwiZmMiOjI1NDIyOCwiZmwiOjExNDQ1OCwiaXAiOiIyMTcuNjQuMTUxLjMwIiwibnciOjQ0NjYsInBjIjowLCJvcCI6MCwiZWMiOjAsImdtIjowLCJlcCI6bnVsbCwicHIiOjQ4MDE4LCJydCI6MSwicnMiOjUwMCwic2EiOiJ1bmRlZmluZWQiLCJzYiI6ImktMGI1YzM5YmZmMmVhMDhjOGIiLCJzcCI6NjU5MzA3LCJzdCI6NTQyNDgsInVrIjoidWUxLTE2ZGY5ZTJlZDcxYjQ1MjViNWNlZjJmYmFkYmU3MThkIiwiem4iOjU1ODY5LCJ0cyI6MTY1MDMxMjAwNDM4NiwiYmYiOnRydWUsInBuIjoibXZCb3hBZCIsImdjIjpmYWxzZSwiZ0MiOmZhbHNlLCJnaSI6dHJ1ZSwiZ3MiOiJub25lIiwidHoiOiJVVEMiLCJiYSI6MSwiZnEiOjB9&s=N7sNAu3tfWh4fdTmegPgChKmXTk
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 23.23.134.191 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-23-23-134-191.compute-1.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) / adzerk bifrost/
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:04 GMT
server: nginx/1.18.0 (Ubuntu)
x-powered-by: adzerk bifrost/
etag: W/"2b-6KwiS6nul+h2cO1vOi8BKLevn+Q"
access-control-allow-methods: GET, PUT, POST, DELETE, OPTIONS
content-type: image/gif
access-control-allow-origin: undefined
expires: 0
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Accept, Origin, Content-Type, Content-Length, X-Adzerk-Explain, X-Adzerk-Sdk-Version
content-length: 43
x-served-by: bifrost-production-shard001-us-east-1e-i-0c676252577e029fb

GET
DATA 200
OK truncated
/ Frame 398F 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4437a6072c1b0fe27201c8502ebf929163be94fafce33b7607315043f70b0e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 container.html Show response
147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 406B 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:00:04 GMT
expires: Tue, 18 Apr 2023 20:00:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame C0E8 2 KB
1 KB 46ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yl3DRAAEezAIu8cmAAlTFHMY8ffL7tU_QEn8kw&u=%7CILtxJKbxgfQpMJTaeyZlouuyJxQq3pUdFxIsQWsF%2Ffk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWZThCef16kqGZ9KRqhVVTcs1Ql9-O4vYSKkC2iLJ5j8gzdOtV_rhlKmYEEuZiIFGKJsCVVhAfPibeBzsexvxvgsX5YfCpeso6K3HKUEraWhPfRkVku4vCKrunYbDbshtAf6ZG4CVOQJmbGifWc5jMyO0PMr-fFWH8RheV8wQXnZh7bkfdeKmjKKmCla5dkY6iSmpww66OxOSn7WnIzO5GBo-GcbPN88bLOs9AWo_M4rsGwd2g2U0Xw33B_Fhnhwmupxx3VafaNqxkZ8wyEdbQtUe515if9IhXPZ6J8gV10BcBUivEXsMktNqfe-lYf6ZDhAyTC88alVepkfjJ9i8LbLZ0sq6L2b5HaMGhSnA0bDGOW5xzbXIs3SVNMxUkDSpDDJlZ6fdYQoCd6aAnhXjqJq8sEQbsj3nY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt64lRMNdYrD2EaaO7_UPlKal4A7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPqgDAaoE9gFP0L0J6VwbM7Nzc8fqqHm_dKcf3mnJCgeWGdO1g0O89CJ-bn_BqxiKfyiuCq72qMUZSYD8bkeKeBwOu2hFxdNI6BU4VMBv0AbH_LpqAXr17oXDZUJ0FI5kFd4hdo3spfGypcB2_-vs-mXwQblt7adsMHG8fS6POJmMPVkuGC4GNOqeDopb_rwiblBt5AZv6s7uNp_EB7mywlpk4_SGVsSECvZavZWhFsgfC1uIK86_6mS4wdZttStTg9Vn4f8mZ_lKgkijd1tOyz3aaIOJz6Sdj-VwY0NUTyd6nSS25HBsUAn2XgiHC_fzKc-wFYcagjn-DT_Gt5CABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ah_s74CeYU16lhZ68aus9rfVRpw%26client%3Dca-pub-7815427952014216%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame C0E8 2 KB
1 KB 47ms
19ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame C0E8 308 B
636 B 45ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame C0E8 507 B
835 B 58ms
33ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame C0E8 0
687 B 219ms
159ms Image
text/plain 2600:9000:223c:7400:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1650312003
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yl3DRAAEezAIu8cmAAlTFHMY8ffL7tU_QEn8kw&u=%7CILtxJKbxgfQpMJTaeyZlouuyJxQq3pUdFxIsQWsF%2Ffk%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWZThCef16kqGZ9KRqhVVTcs1Ql9-O4vYSKkC2iLJ5j8gzdOtV_rhlKmYEEuZiIFGKJsCVVhAfPibeBzsexvxvgsX5YfCpeso6K3HKUEraWhPfRkVku4vCKrunYbDbshtAf6ZG4CVOQJmbGifWc5jMyO0PMr-fFWH8RheV8wQXnZh7bkfdeKmjKKmCla5dkY6iSmpww66OxOSn7WnIzO5GBo-GcbPN88bLOs9AWo_M4rsGwd2g2U0Xw33B_Fhnhwmupxx3VafaNqxkZ8wyEdbQtUe515if9IhXPZ6J8gV10BcBUivEXsMktNqfe-lYf6ZDhAyTC88alVepkfjJ9i8LbLZ0sq6L2b5HaMGhSnA0bDGOW5xzbXIs3SVNMxUkDSpDDJlZ6fdYQoCd6aAnhXjqJq8sEQbsj3nY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCt64lRMNdYrD2EaaO7_UPlKal4A7JntKxXNWdkfdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPqgDAaoE9gFP0L0J6VwbM7Nzc8fqqHm_dKcf3mnJCgeWGdO1g0O89CJ-bn_BqxiKfyiuCq72qMUZSYD8bkeKeBwOu2hFxdNI6BU4VMBv0AbH_LpqAXr17oXDZUJ0FI5kFd4hdo3spfGypcB2_-vs-mXwQblt7adsMHG8fS6POJmMPVkuGC4GNOqeDopb_rwiblBt5AZv6s7uNp_EB7mywlpk4_SGVsSECvZavZWhFsgfC1uIK86_6mS4wdZttStTg9Vn4f8mZ_lKgkijd1tOyz3aaIOJz6Sdj-VwY0NUTyd6nSS25HBsUAn2XgiHC_fzKc-wFYcagjn-DT_Gt5CABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1ah_s74CeYU16lhZ68aus9rfVRpw%26client%3Dca-pub-7815427952014216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:7400:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:04 GMT
via: 1.1 c387974a86541bbcc6c5141a85eeaf36.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P2
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: otpU1QfzburGsTEg6z6hutKyWaxGeGpvse2YPUYhh-93gop61eawRg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame C0E8 43 B
348 B 45ms
17ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=fBOVCbVoxiUkYxpRvIEneF5dHbAT2v8cHWq2pQpj0rSOHFfH07j7qbiPoRYWI5RFpX2fQxB3sZnJ2_U5DI11a9X4zTuFaeW7MSTsuqxevvD20qWWcim2gi0uC5bVEiYZsZJLlWRSpuLJOFwo3r6bOn3cjX7SJZ29AHzWKvUy6Kfl-4LOW0FBeNo1eY0hN_y60_7Y1ksSuxiSh3tl72txXsd_154fZfGWwtg-Du9BtX6brxGuzNFKzQk9JdSgiXX7XXC4H1xdLumK3NdW8Ar4AQlpPyb6AT_sq7eXHuSs-XumAk1xn22woYedbsYi8rNsytZUIYNGzrDxs5-DCq3pu1KokL6m1MV38vooxhBnylxWAm-x_SMTbUGCZ7BOxSznC_-yXQ4uTSSU0xqRSoPfeIfHM6x6cK0X3fO1n16YZg3sj2duixOq9MSXiuIWFAIOBne9vw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:03 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1737324
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame C0E8 12 KB
6 KB 23ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 9 KB
10 KB 61ms
23ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=108&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=316&s=yESPooROoRi3Jpqgu1pEFu6z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3769f5b84f2f3c8e4da085a3a576ecb6212ccfdf72ec3b9c3501dcecc0a339ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28899659
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9515
expires: Sun, 19 Mar 2023 07:41:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 2 KB
2 KB 51ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FA%2FlogoN26-GmbH-146811DE-1911011235.gif%3Feb%3D1&v=3&w=400&s=v7iW5ol0dBycAluYZcH9GQPj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

7df4cb1633e792be6111befe4599578305e9c781180a6969dff468d0ed52a2e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2232
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 1 KB
2 KB 50ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F5%2FlogoTrade-Republic-Bank-GmbH-244715DE-2004141541.gif%3Feb%3D1&v=3&w=400&s=5WoNKN_C2ggc4KEv-uhupfzx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

960182bb80c02705ad699667ae8b81df296852d86184e724f1bd2cbbef204d3a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=593011
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1400
expires: Mon, 25 Apr 2022 16:43:36 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 2 KB
2 KB 49ms
13ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoRhenus-Warehousing-Solutions-SE-Co-KG-235052DE-1909261134.gif%3Feb%3D1&v=3&w=400&s=ZQkE6qbdDFkS2o_1rRtfUXn2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

dbb3b14725a5dc6385bc87f9db286c819b01ed119b3df72b6123992dd2aca312

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2189
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 2 KB
2 KB 59ms
23ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoBelle-Epoque-Gesellschaft-fur-behutsame-Stadterneuerung-mbH-128850DE-2202110956.gif%3Feb%3D1&v=3&w=400&s=aTeUAd7Q8RYIvAMmkZWNy9H8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1be515e7b4ddcccb53b211559aa36a818a698addeb211e90e4b7e5cb83c199bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2110758
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1978
expires: Fri, 13 May 2022 06:19:22 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 4 KB
4 KB 61ms
25ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F8%2FlogoDedalus-HealthCare-GmbH-246037DE-2005251147.gif%3Feb%3D1&v=3&w=400&s=a_9tG6WroTFE3pxuxNbscQWh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

62903103b62931827a58bf885503dfebe78b76dd92e2becab8ce1b92e3650bfa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1848763
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 3600
expires: Tue, 10 May 2022 05:32:48 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 1 KB
1 KB 18ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=400&s=57jpJpXqQqO6aPmte_wy5ihf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2390437
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1244
expires: Mon, 16 May 2022 12:00:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 2 KB
3 KB 17ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F1%2FlogoAdragos-Pharma-GmbH-255511DE-2012290929.gif%3Feb%3D1&v=3&w=400&s=jZo82XkMOe_Ty4SqAimItFkP&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3bd42f8caf5cd77cea9b080cee75de386d0524c44f44037ad3a7e7b35a7a9ab9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1422264
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2508
expires: Thu, 05 May 2022 07:04:29 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame C0E8 2 KB
2 KB 17ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoStepStone-GmbH-148733DE.gif%3Feb%3D1&v=3&w=400&s=wSPXg05NAm7YwFBXI_4Y57ix&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:03 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2301828
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1770
expires: Sun, 15 May 2022 11:23:52 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame C0E8 0
128 B 68ms
31ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=9xRY1hUzRS9wuXI6Kj9VgqCT_m08NdFrTIHr0Ht6vXprRfxJQQA6_8_scflb3yJZ46UmElct1W5MrJ-YHWsnmS33nfqpbg5ukpaJAXW5CSw9RBjZ5eQ2hrPC1CBf4akk6YcwwQiy1smUhaMvmGDNwhzVlsCyHcsAAnzNj4D_qYOblFPR5-N6bVm4cDZ80KHMdc4GipkvInnAX5rTjBy0NgjB7PvfapcZuuWNkDXOMJcRyRywBb6mQjqvIpN4VFBcGYl4_g&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 20:00:04 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C0E8 2 KB
1 KB 18ms
18ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame C0E8 2 KB
1 KB 16ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 406B 0
0 46ms
45ms Fetch
text/html 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CJdVPRMNdYoXjCs217_UP9O2RqATJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPuACAKgDAaoElgJP0GhmI4YDEfDJIxUYHchRD4DK_4GniABg9yebijv79eW81e9lLwa137pXDFCTY1lzb7eSfyIYovQ1eqWWNT568s6oPVQmN4BvlUoqCUppF4Fi2UezypO4iBEUiW1S2goyBhCkEqDzFUA8ljbRHOXzwEM3m2xJuh7mO0mpIi04XTJne3n-IOwclk9TNkOMrEiu8GTBlF_RKklqTDgvKnQD9sJfgx0pqUs5kokwyn0CMFYlBZqkTdagLuJNz7-PEbKwK6DIrhVQ6rJqs-t0RhVeUEB8BvPypO-A0VJMI5l0KRRPrUFN0D-ZoeRYP8hEKLM4Vojdr36MTt6vxzf8Q8Bsa9I4Y9Z_4tyW79jpiiZ0mTl9myAqgOAEAYAGrt-ZoLP2it34AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxwKGhIUcHViLTc4MTU0Mjc5NTIwMTQyMTYYqqIP&sigh=IYWUpbQx_-0&uach_m=[UACH]&cid=CAQSPwCNIrLMcGXxj8b-b7IuN0Iv5mnDaRqpQ4_aXX7wgP5a4V_8hnADH98ojoCAeQHv9mpVXw_01sdBDAPcDb5g4RgB
Requested by: Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f2.1e100.net
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 406B 0
0 16ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=U_2jEtyBMKAB2ASdg2ICAgAAAKWeP-XbNl2zQmPfCTu--TwQQ8NdYswBqCgAziX_smG3ABI&wp=Yl3DRAACsYUIu9rNAAR29M3YUCl16jnlzkpgKg

Requested by

Host: www.windows2universe.org
URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 169939
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9666 44 KB
17 KB 24ms
22ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yl3DRAACsYUIu9rNAAR29M3YUCl16jnlzkpgKg&u=%7CILtxJKbxgfSYQQpoy%2FJ%2FnWTS%2Bg4P0Bt4PqsNpKPS6K0%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWZThCef16kqGZ9KRqhVVTcgo6QbTZ-if0mGoLBfgr9dLOylIoy89GQVdu8lL718sminklUiriX_7U1V7gsuLvyWzbjouVZld3v7Wngopx3YVVWQqPhl72OzU9VL4cgoUB9IOVjCSC6ABj1uLumbMglmeAwi1Xtd3dp02Jb8jOvvOeAe6TSWbNgjUv9vArqd7blIPdKBAirOJHpujqqCb4eYew-Bqv2mDOeaRe9ImZvEemlWJmxqlw88m2CMX7vV0aN3LcPIlk6JLX8JkdDJ-_pGGUMV3GPFlQASpnE--BmTCSDV8XhJC25_3U0IWje_3Uh2k1fbOGhnm75BTv6VwkF-XapSe6M70WUz4we2mhQD1YT6GjwZYnXuwjZ6DJgdzZ5H3VNeoM9pChvThQwuhoO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCffWkRMNdYoXjCs217_UP9O2RqATJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPuACAKgDAaoEmQJP0GhmI4YDEfDJIxUYHchRD4DK_4GniABg9yebijv79eW81e9lLwa137pXDFCTY1lzb7eSfyIYovQ1eqWWNT568s6oPVQmN4BvlUoqCUppF4Fi2UezypO4iBEUiW1S2goyBhCkEqDzFUA8ljbRHOXzwEM3m2xJuh7mO0mpIi04XTJne3n-IOwclk9TNkOMrEiu8GTBlF_RKklqTDgvKnQD9sJfgx0pqUs5kokwyn0CMFYlBZqkTdagLuJNz7-PEbKwK6DIrhVQ6rJqs-t0RhVeUEB8BvPypO-A0VJMI5l0KRRPrUFN0D-ZoeRYP8hEKLN6VKlPKPEQXWEz05QsfmaUYsYy1dxR-l4iJ-VPeJlqtSH4MaQ5P1fX7-AEAYAGrt-ZoLP2it34AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oMA3BLXrJ1R8hS-zeviHwyAAXqQ%26client%3Dca-pub-7815427952014216%26adurl%3D

Requested by

Host: 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
URL: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

35001f707e205553617d157945c385c0602c77cbba438d6c161e307e067e262f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:00:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=uATelhUzRS9wuXI6Cw4xSPKOBdDgWSjuX11EHXSuqqQhLraAtcYLtwwAhNyVdbEuuoiUzN8Kue4XHaqD-XAJ0nmxXBWAv8GHRxwLyOiBOsgC4MOoZCcilERqAYEMiQVV4ZHRTICzZArGSVjbupGxogzm0LcqiR-CoiijoyTOwWAH7ur9b_SblOWXfxenkWkYGrHsxhfDpw7HrqiL6JBL-_shCXxAqn30hGpz_qqqaTlo-H2aYGgn5D_pDAbyO7TQWljWoOE-2UUMwkyy"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 4489403
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 406B 3 KB
1 KB 31ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Host: 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
URL: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 19:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 19:54:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 406B 119 KB
36 KB 20ms
19ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
URL: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650281421154365"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 20:00:04 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame 406B 15 KB
6 KB 27ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
URL: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 19:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 19:58:10 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 406B 0
0 42ms
13ms Image
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS4Tn2d66ah-B_uNBdtpMdNzsQ2GYBCiQp-u_vGsWwuFj_sTncOyi4dA8302509Ilw7QreZv0VObIAi89vb83Pwh7Y_KQ
Requested by: Host: 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
URL: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 406B 22 KB
7 KB 25ms
8ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
URL: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 15:41:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 15530
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 18 Apr 2023 15:41:14 GMT

GET
H3 200 11861873981737046269
tpc.googlesyndication.com/simgad/ Frame A3B6 89 KB
89 KB 18ms
14ms Image
image/png 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11861873981737046269?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnnFNAEE78WYHJctiDjRl46ewOYag

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=280&slotname=9237717968&adk=2724253716&adf=3745365657&pi=t.ma~as.9237717968&w=728&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004139&bpp=1&bdt=773&idt=129&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1137718152227&frm=20&pv=1&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1692&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=yulEFAAaSi&p=https%3A//www.windows2universe.org&dtd=133

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

86e4943d398373e2ca55c47098e2235d10c6dd969bd1c21ce38f9d32fe77de2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Tue, 12 Apr 2022 10:11:28 GMT
x-content-type-options: nosniff
age: 553716
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91505
x-xss-protection: 0
last-modified: Wed, 06 Apr 2022 12:42:23 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 12 Apr 2023 10:11:28 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/ Frame A3B6 19 KB
8 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 19:59:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 38
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8002
x-xss-protection: 0
server: cafe
etag: 5332015062585099865
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 19:59:26 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A3B6 3 KB
1 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 19:54:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 315
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 19:54:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A3B6 119 KB
36 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36909
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1649897599747219"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 20:00:04 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A3B6 15 KB
6 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 19:58:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 114
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 19:58:10 GMT

GET
H3 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/ Frame A3B6 29 KB
12 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220413/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

02af7e03520b6699b7eff36516fcd9fc000f00f6388f8ddeac599d00a76e6d0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 19:23:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11979
x-xss-protection: 0
server: cafe
etag: 7739490655680154556
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 02 May 2022 19:23:51 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A3B6 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CjzpiRMNdYtGtFe2ij-8PifqIkAeWwLTRacyUzPGyD8_33Zi6ARABIJrS8RlgleKQgqAHoAGYp-quAcgBAqkCcBWWvXAbsj6oAwHIA8kEqgSTAk_QN-Y-2NLpPNt65J6e3h3OLWETinsAc0DCSeFUpJTyW86bk-J70GrwSYWD5M1AnL7Q8S2_1PsRYYfjedK6flqOseyr7KtvINsI6QK9IW3KpWFeGhhmuDe9XJ0N0E3PlwjQzHjaGkzNX3-K50lxv05Z6aWkJHUaH8A73lF4RiCjVayYoGt_wEdlcrE7oEMnJAXI6NL1zWVMDZUP6amUe9m104Y5qU4Bdp03XVKDXg5Z2E0PmXbh6eMZhyYnMs5fsy1STdiKjdU5lOU-JxiDNf9wdJq9eZIpgv62rrM7h0Ba8tmheajtPyXbf2UreDGWFOYsO1jKsbGYJ4pfF6KwPit4YDcY3mnKvguvnXpKeoyHQ6pGwATjsv-n9wOSBQQIBBgBkgUECAUYBKAGAoAH0NiV0QKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDxmQLSCAkIgOGAEBABGB-ACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItNzgxNTQyNzk1MjAxNDIxNhgA&sigh=JZzNgeE8-fo&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=280&slotname=9237717968&adk=2724253716&adf=3745365657&pi=t.ma~as.9237717968&w=728&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004139&bpp=1&bdt=773&idt=129&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1137718152227&frm=20&pv=1&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1692&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=yulEFAAaSi&p=https%3A//www.windows2universe.org&dtd=133
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Mon, 18 Apr 2022 20:00:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9666 2 KB
1 KB 21ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yl3DRAACsYUIu9rNAAR29M3YUCl16jnlzkpgKg&u=%7CILtxJKbxgfSYQQpoy%2FJ%2FnWTS%2Bg4P0Bt4PqsNpKPS6K0%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWZThCef16kqGZ9KRqhVVTcgo6QbTZ-if0mGoLBfgr9dLOylIoy89GQVdu8lL718sminklUiriX_7U1V7gsuLvyWzbjouVZld3v7Wngopx3YVVWQqPhl72OzU9VL4cgoUB9IOVjCSC6ABj1uLumbMglmeAwi1Xtd3dp02Jb8jOvvOeAe6TSWbNgjUv9vArqd7blIPdKBAirOJHpujqqCb4eYew-Bqv2mDOeaRe9ImZvEemlWJmxqlw88m2CMX7vV0aN3LcPIlk6JLX8JkdDJ-_pGGUMV3GPFlQASpnE--BmTCSDV8XhJC25_3U0IWje_3Uh2k1fbOGhnm75BTv6VwkF-XapSe6M70WUz4we2mhQD1YT6GjwZYnXuwjZ6DJgdzZ5H3VNeoM9pChvThQwuhoO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCffWkRMNdYoXjCs217_UP9O2RqATJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPuACAKgDAaoEmQJP0GhmI4YDEfDJIxUYHchRD4DK_4GniABg9yebijv79eW81e9lLwa137pXDFCTY1lzb7eSfyIYovQ1eqWWNT568s6oPVQmN4BvlUoqCUppF4Fi2UezypO4iBEUiW1S2goyBhCkEqDzFUA8ljbRHOXzwEM3m2xJuh7mO0mpIi04XTJne3n-IOwclk9TNkOMrEiu8GTBlF_RKklqTDgvKnQD9sJfgx0pqUs5kokwyn0CMFYlBZqkTdagLuJNz7-PEbKwK6DIrhVQ6rJqs-t0RhVeUEB8BvPypO-A0VJMI5l0KRRPrUFN0D-ZoeRYP8hEKLN6VKlPKPEQXWEz05QsfmaUYsYy1dxR-l4iJ-VPeJlqtSH4MaQ5P1fX7-AEAYAGrt-ZoLP2it34AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oMA3BLXrJ1R8hS-zeviHwyAAXqQ%26client%3Dca-pub-7815427952014216%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9666 2 KB
1 KB 20ms
20ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9666 308 B
636 B 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 9666 507 B
835 B 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/m/delivery/ Frame 9666 43 B
347 B 16ms
16ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/m/delivery/lg.php?cppv=3&cpp=1M5kmlwmtHnLL1_guGeHLVy_dTvOKlVbM1rDCY7BoVKu8i8vag9v08x1BY14CDPjY6qBDYMYZ63VMUg0SZTAxHMuxleeT44lDPNlOzZCBGA1Qs-qGL3ANjMlFN9syzC29lDp8t_OtBfKgXymXU_qvnaN54wEkP7246AkJ1PslUlVE5H4hzp81wWswCE4Y9LQBNt0YdQgqSRSOR8-hUm5MRqEGCK7szHN6IzuXQ66mWHJImvQ-HEMrsqC5SjmS_UUo8htTyFfU7998EuKGug2eOUJaHhYNS7f9__f756cQvItBrdsiYKLzXKjYXySV6sYbsJpz7F0L2E2qIiluvRooc5I1pR5JWT7zlTA9rldcdqf0-YJzaF71Xre9csmp5XgayiHmTMFnUkLnyMcOXDjdolNekquLzlsYUTGv7gV5JO0Z28K43HthN6Jl_c-2JRvQKkG2A

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:04 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2858107
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 404 cd5a9124eb554bc892078416ea9712f5_image_ad_160x600.gif
static.criteo.net/design/dt/90764/220415/ Frame 9666 0
0 19ms
19ms Image
text/html 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/design/dt/90764/220415/cd5a9124eb554bc892078416ea9712f5_image_ad_160x600.gif
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yl3DRAACsYUIu9rNAAR29M3YUCl16jnlzkpgKg&u=%7CILtxJKbxgfSYQQpoy%2FJ%2FnWTS%2Bg4P0Bt4PqsNpKPS6K0%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqBkwvNjl8q6e-4vOkZyr-tuWKbg6CJmKWZThCef16kqGZ9KRqhVVTcgo6QbTZ-if0mGoLBfgr9dLOylIoy89GQVdu8lL718sminklUiriX_7U1V7gsuLvyWzbjouVZld3v7Wngopx3YVVWQqPhl72OzU9VL4cgoUB9IOVjCSC6ABj1uLumbMglmeAwi1Xtd3dp02Jb8jOvvOeAe6TSWbNgjUv9vArqd7blIPdKBAirOJHpujqqCb4eYew-Bqv2mDOeaRe9ImZvEemlWJmxqlw88m2CMX7vV0aN3LcPIlk6JLX8JkdDJ-_pGGUMV3GPFlQASpnE--BmTCSDV8XhJC25_3U0IWje_3Uh2k1fbOGhnm75BTv6VwkF-XapSe6M70WUz4we2mhQD1YT6GjwZYnXuwjZ6DJgdzZ5H3VNeoM9pChvThQwuhoO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCffWkRMNdYoXjCs217_UP9O2RqATJntKxXNWdkfdwwI23ARABIABglYKAgMAHggEXY2EtcHViLTc4MTU0Mjc5NTIwMTQyMTagAdW20uoDyAEJqQKQFKTl8BeyPuACAKgDAaoEmQJP0GhmI4YDEfDJIxUYHchRD4DK_4GniABg9yebijv79eW81e9lLwa137pXDFCTY1lzb7eSfyIYovQ1eqWWNT568s6oPVQmN4BvlUoqCUppF4Fi2UezypO4iBEUiW1S2goyBhCkEqDzFUA8ljbRHOXzwEM3m2xJuh7mO0mpIi04XTJne3n-IOwclk9TNkOMrEiu8GTBlF_RKklqTDgvKnQD9sJfgx0pqUs5kokwyn0CMFYlBZqkTdagLuJNz7-PEbKwK6DIrhVQ6rJqs-t0RhVeUEB8BvPypO-A0VJMI5l0KRRPrUFN0D-ZoeRYP8hEKLN6VKlPKPEQXWEz05QsfmaUYsYy1dxR-l4iJ-VPeJlqtSH4MaQ5P1fX7-AEAYAGrt-ZoLP2it34AaAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIiOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_1oMA3BLXrJ1R8hS-zeviHwyAAXqQ%26client%3Dca-pub-7815427952014216%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 08F7 143 B
163 B 8ms
7ms Document
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7815427952014216&output=html&h=280&slotname=9237717968&adk=2724253716&adf=3745365657&pi=t.ma~as.9237717968&w=728&fwrn=4&fwrnh=100&lmt=1650312004&rafmt=1&psa=0&format=728x280&url=https%3A%2F%2Fwww.windows2universe.org%2Fmythology%2Fcoyote_milkyway.html%26lang%3Dsp&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650312004139&bpp=1&bdt=773&idt=129&shv=r20220413&mjsv=m202204140101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=1137718152227&frm=20&pv=1&ga_vid=2089032751.1650312004&ga_sid=1650312004&ga_hid=1411396568&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=426&ady=1692&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44761044%2C21066434%2C31065544%2C44761539&oid=2&pvsid=3634674440186744&pem=204&tmod=1926239536&uas=0&nvt=1&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=13&uci=a!d&btvi=1&fsb=1&xpc=yulEFAAaSi&p=https%3A//www.windows2universe.org&dtd=133
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 3209
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 19:06:35 GMT
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 406B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b04e00f3b3af4a6a349d45e1770fdc7ff7f3b52c5e1f25969d39b5b044446e30

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A3B6 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c5310da996059d2311be21f8f1026610420a6a6d4c3e884c6b4a47c960bc06be

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

POST
H2 200 all
csm.eu.criteo.net/ Frame 9666 0
127 B 18ms
18ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=uATelhUzRS9wuXI6Cw4xSPKOBdDgWSjuX11EHXSuqqQhLraAtcYLtwwAhNyVdbEuuoiUzN8Kue4XHaqD-XAJ0nmxXBWAv8GHRxwLyOiBOsgC4MOoZCcilERqAYEMiQVV4ZHRTICzZArGSVjbupGxogzm0LcqiR-CoiijoyTOwWAH7ur9b_SblOWXfxenkWkYGrHsxhfDpw7HrqiL6JBL-_shCXxAqn30hGpz_qqqaTlo-H2aYGgn5D_pDAbyO7TQWljWoOE-2UUMwkyy&sds=2&rev=81123&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 20:00:04 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9666 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9666 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:04 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Apr 2023 20:00:04 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 35ms
21ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022041201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

66adb1d53a9dc58378017ccf9c5699a9ff13d74a462ab13ad81c9d8c1395d67c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 18 Apr 2022 20:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10567
x-xss-protection: 0

GET
H2 200 p Show response
i.simpli.fi/ 750 B
1 KB 20ms
20ms Script
application/javascript 169.50.137.176
SOFTLAYER

General

Check archive.org

Show headers Download Go to

Full URL

https://i.simpli.fi/p?cid=&cb=sifi_att_42656._hp

Requested by

Host: i.simpli.fi
URL: https://i.simpli.fi/dpx.js?cid=1543&action=100&segment=MW-NESTAweb&m=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.176 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b0.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

6b11ce6e90b2e5e0baf285f7034f0b92c433d28081c75229b5690a71562e8341

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache, no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0, max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Thu, 01 Jan 1970 00:00:00 GMT, Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 08F7
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

70ms
70ms

Document
text/html

2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 20:00:05 GMT
expires: Mon, 18 Apr 2022 20:00:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 18 Apr 2022 20:00:05 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame 7565 35 KB
13 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022041201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 18 Apr 2022 20:00:05 GMT

GET
H2

200

xuid
eb2.3lift.com/
Redirect Chain

https://um.simpli.fi/triplelift
https://eb2.3lift.com/xuid?mid=7969&xuid=CF3A1C88B3994E7A8DA6C47F7321F72D&dongle=yf3
https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=CF3A1C88B3994E7A8DA6C47F7321F72D&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=

37 B
354 B

9ms
9ms

Image
image/gif

76.223.111.18
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?ld=1&mid=7969&xuid=CF3A1C88B3994E7A8DA6C47F7321F72D&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
Protocol: H2
Server: 76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a0f671730127a0812.awsglobalaccelerator.com
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: /xuid?ld=1&mid=7969&xuid=CF3A1C88B3994E7A8DA6C47F7321F72D&dongle=yf3&gdpr=1&cmp_cs=&us_privacy=
date: Mon, 18 Apr 2022 20:00:05 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
simplifi.partners.tremorhub.com/
Redirect Chain

https://um.simpli.fi/telaria_p
https://simplifi.partners.tremorhub.com/sync?UISF=CF3A1C88B3994E7A8DA6C47F7321F72D

43 B
183 B

301ms
93ms

Image
image/gif

2600:1f18:612b:4216:4bb:825e:5e5f:d97a
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simplifi.partners.tremorhub.com/sync?UISF=CF3A1C88B3994E7A8DA6C47F7321F72D
Protocol: H2
Server: 2600:1f18:612b:4216:4bb:825e:5e5f:d97a Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://simplifi.partners.tremorhub.com/sync?UISF=CF3A1C88B3994E7A8DA6C47F7321F72D
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://um.simpli.fi/tapad
https://pixel.tapad.com/idsync/ex/receive?partner_id=2305&partner_device_id=CF3A1C88B3994E7A8DA6C47F7321F72D
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CF3A1C88B3994E7A8DA6C47F7321F72D

95 B
424 B

15ms
15ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CF3A1C88B3994E7A8DA6C47F7321F72D

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
via: 1.1 google
content-type: image/png
alt-svc: clear
content-length: 95
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

Redirect headers

location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=2305&partner_device_id=CF3A1C88B3994E7A8DA6C47F7321F72D
date: Mon, 18 Apr 2022 20:00:05 GMT
via: 1.1 google
alt-svc: clear
content-length: 0
strict-transport-security: max-age=31536000
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2

200

aa_px
um.simpli.fi/
Redirect Chain

https://um.simpli.fi/ad_advisor
https://aa.agkn.com/adscores/g.pixel?sid=9201915418&sifi_uid=CF3A1C88B3994E7A8DA6C47F7321F72D
https://d.agkn.com/pixel/10751/?che=1650312005&ip=217.64.151.30&l1=https%3A%2F%2Fum.simpli.fi%2Faa_px%3Fsk%3D164881204125000429395
https://um.simpli.fi/aa_px?sk=164881204125000429395

43 B
361 B

18ms
18ms

Image
image/gif

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/aa_px?sk=164881204125000429395

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 20:00:04 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://um.simpli.fi/aa_px?sk=164881204125000429395
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

403

ProfilesEngineServlet
sync.intentiq.com/profiles_engine/
Redirect Chain

https://um.simpli.fi/intentiq
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CF3A1C88B3994E7A8DA6C47F7321F72D

0
0

70ms
15ms

Image
text/html

52.222.214.42
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CF3A1C88B3994E7A8DA6C47F7321F72D
Protocol: H2
Server: 52.222.214.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-214-42.fra56.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CF3A1C88B3994E7A8DA6C47F7321F72D
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2 200 pubmatic
um.simpli.fi/ 43 B
409 B 76ms
19ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2 200 freewheel
um.simpli.fi/ 43 B
409 B 19ms
18ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/freewheel

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2

200

engine
pbid.pro-market.net/
Redirect Chain

https://um.simpli.fi/dtnx
https://fei.pro-market.net/engine?du=24;csync=CF3A1C88B3994E7A8DA6C47F7321F72D;mimetype=img;
https://fei.pro-market.net/engine?du=24;csync=CF3A1C88B3994E7A8DA6C47F7321F72D;mimetype=img;sr
https://cm.g.doubleclick.net/pixel?google_nid=datonics-ddp&google_cm&google_hm=MjExMzU5MzU5NTU0NTE0NDMzNw==
https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEMvrUIvEyQfe4ncqb0PiwqU&google_cver=1

43 B
389 B

23ms
16ms

Image
image/gif

2600:1901:0:8eee::
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEMvrUIvEyQfe4ncqb0PiwqU&google_cver=1
Protocol: H2
Server: 2600:1901:0:8eee:: Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:04 GMT
via: 1.1 google
server: Apache-Coyote/1.1
anserver: gapp-eu-5.c.datonics-gcp-01.internal
p3p: CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 1 Jan 1990 0:0:0 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pbid.pro-market.net/engine?du=53&mimetype=img&google_gid=CAESEMvrUIvEyQfe4ncqb0PiwqU&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 315
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

204

/
loadm.exelator.com/load/
Redirect Chain

https://um.simpli.fi/exelatem
https://loadm.exelator.com/load/?p=204&g=2191&simid=CF3A1C88B3994E7A8DA6C47F7321F72D&j=0
https://loadm.exelator.com/load/?p=204&g=2191&simid=CF3A1C88B3994E7A8DA6C47F7321F72D&j=0&xl8blockcheck=1

0
771 B

55ms
55ms

Image
text/plain

34.254.143.3
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load/?p=204&g=2191&simid=CF3A1C88B3994E7A8DA6C47F7321F72D&j=0&xl8blockcheck=1
Protocol: H2
Server: 34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
location: https://loadm.exelator.com/load/?p=204&g=2191&simid=CF3A1C88B3994E7A8DA6C47F7321F72D&j=0&xl8blockcheck=1
cache-control: no-cache
access-control-allow-credentials: true
content-type: image/gif
content-length: 0

GET
H2 200 yahoo
um.simpli.fi/ 43 B
409 B 20ms
19ms Image
image/gif 169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/yahoo

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H/1.1

204

sync
sync.bfmio.com/
Redirect Chain

https://um.simpli.fi/beachfront
https://sync.bfmio.com/sync?pid=141&uid=CF3A1C88B3994E7A8DA6C47F7321F72D

0
421 B

402ms
94ms

Image
text/plain

34.239.97.35
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bfmio.com/sync?pid=141&uid=CF3A1C88B3994E7A8DA6C47F7321F72D
Protocol: HTTP/1.1
Server: 34.239.97.35 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-239-97-35.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Connection: keep-alive
Date: Mon, 18 Apr 2022 20:00:04 GMT

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://sync.bfmio.com/sync?pid=141&uid=CF3A1C88B3994E7A8DA6C47F7321F72D
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H/1.1

200
OK

29931
stags.bluekai.com/site/
Redirect Chain

https://um.simpli.fi/bluekai
https://stags.bluekai.com/site/29931?id=CF3A1C88B3994E7A8DA6C47F7321F72D

62 B
603 B

167ms
150ms

Image
image/gif

104.89.42.102
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/29931?id=CF3A1C88B3994E7A8DA6C47F7321F72D
Protocol: HTTP/1.1
Server: 104.89.42.102 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-89-42-102.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 20:00:05 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://stags.bluekai.com/site/29931?id=CF3A1C88B3994E7A8DA6C47F7321F72D
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2

200

tpid=CF3A1C88B3994E7A8DA6C47F7321F72D
bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/
Redirect Chain

https://um.simpli.fi/crwdcntrl
https://bcp.crwdcntrl.net/map/c=7625/tp=SIMP/tpid=CF3A1C88B3994E7A8DA6C47F7321F72D
https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CF3A1C88B3994E7A8DA6C47F7321F72D

49 B
545 B

39ms
39ms

Image
image/gif

52.208.103.128
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CF3A1C88B3994E7A8DA6C47F7321F72D
Protocol: H2
Server: 52.208.103.128 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-208-103-128.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.12.236
content-type: image/gif
content-length: 49
expires: 0

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://bcp.crwdcntrl.net/map/ct=y/c=7625/tp=SIMP/tpid=CF3A1C88B3994E7A8DA6C47F7321F72D
cache-control: no-cache
x-server: 10.45.23.9
content-length: 0
expires: 0

GET
H/1.1

204
No Content

merge
ce.lijit.com/
Redirect Chain

https://um.simpli.fi/lj_match
https://ce.lijit.com/merge?pid=2&3pid=CF3A1C88B3994E7A8DA6C47F7321F72D

0
348 B

52ms
17ms

Image
text/plain

216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ce.lijit.com/merge?pid=2&3pid=CF3A1C88B3994E7A8DA6C47F7321F72D
Protocol: HTTP/1.1
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 20:00:05 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap4ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://ce.lijit.com/merge?pid=2&3pid=CF3A1C88B3994E7A8DA6C47F7321F72D
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2

451

419566.gif
idsync.rlcdn.com/
Redirect Chain

https://um.simpli.fi/liveramp_match
https://idsync.rlcdn.com/419566.gif?partner_uid=CF3A1C88B3994E7A8DA6C47F7321F72D

0
66 B

33ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/419566.gif?partner_uid=CF3A1C88B3994E7A8DA6C47F7321F72D
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://idsync.rlcdn.com/419566.gif?partner_uid=CF3A1C88B3994E7A8DA6C47F7321F72D
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2

200

/
www.google.de/pagead/1p-conversion/1026675585/
Redirect Chain

https://www.googleadservices.com/pagead/conversion/1026675585/?random=1650312005006&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1026675585/?random=763512976&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cooki...
https://www.google.com/pagead/1p-conversion/1026675585/?random=763512976&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte...
https://www.google.de/pagead/1p-conversion/1026675585/?random=763512976&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=...

42 B
548 B

84ms
44ms

Image
image/gif

2a00:1450:4016:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-conversion/1026675585/?random=763512976&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RcNdYvGNBt2O9fgP_ZSRmAo&cid=CAQSKQCNIrLMKebJuwbGw4Neqd5muX_Wcml_9TcNaXg9x_3Uwbw7ZLBS46hP&random=2104498827&ipr=y&prhg=0

Protocol

Server

2a00:1450:4016:808::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/gif
location: https://www.google.de/pagead/1p-conversion/1026675585/?random=763512976&cv=7&fst=1650312005006&fmt=3&value=0&label=eGG0CO2U2AIQgafH6QM&guid=ON&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&is_vtc=1&ocp_id=RcNdYvGNBt2O9fgP_ZSRmAo&cid=CAQSKQCNIrLMKebJuwbGw4Neqd5muX_Wcml_9TcNaXg9x_3Uwbw7ZLBS46hP&random=2104498827&ipr=y&prhg=0
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://um.simpli.fi/spotx_match
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=CF3A1C88B3994E7A8DA6C47F7321F72D
https://sync.search.spotxchange.com/partner?adv_id=7797&uid=CF3A1C88B3994E7A8DA6C47F7321F72D&__user_check__=1&sync_id=23e90a5a-bf52-11ec-bc75-14604df00306

43 B
548 B

15ms
15ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7797&uid=CF3A1C88B3994E7A8DA6C47F7321F72D&__user_check__=1&sync_id=23e90a5a-bf52-11ec-bc75-14604df00306
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Mon, 18 Apr 2022 20:00:05 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 55
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Mon, 18 Apr 2022 20:00:05 GMT
Server: nginx
Location: /partner?adv_id=7797&uid=CF3A1C88B3994E7A8DA6C47F7321F72D&__user_check__=1&sync_id=23e90a5a-bf52-11ec-bc75-14604df00306
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 20
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://um.simpli.fi/an
https://ib.adnxs.com/setuid?entity=66&code=CF3A1C88B3994E7A8DA6C47F7321F72D
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCF3A1C88B3994E7A8DA6C47F7321F72D

43 B
1 KB

8ms
8ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCF3A1C88B3994E7A8DA6C47F7321F72D

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 20:00:05 GMT
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: e605b6d3-033b-4e4b-ad9b-87b163412847
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Mon, 18 Apr 2022 20:00:05 GMT
X-Proxy-Origin: 217.64.151.30; 217.64.151.30; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: dd536544-a027-4b76-8969-976a8ee22cc1
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D66%26code%3DCF3A1C88B3994E7A8DA6C47F7321F72D
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://um.simpli.fi/rb_match
https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CF3A1C88B3994E7A8DA6C47F7321F72D&expires=365

0
239 B

34ms
9ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CF3A1C88B3994E7A8DA6C47F7321F72D&expires=365
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 4b510f0cc5fcbc9800016ef543086418
Content-Type: image/gif

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://pixel.rubiconproject.com/tap.php?v=6286&nid=2132&put=CF3A1C88B3994E7A8DA6C47F7321F72D&expires=365
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://um.simpli.fi/ox_match
https://us-u.openx.net/w/1.0/sd?id=537072966&val=CF3A1C88B3994E7A8DA6C47F7321F72D

43 B
274 B

46ms
31ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072966&val=CF3A1C88B3994E7A8DA6C47F7321F72D
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/18.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
via: 1.1 google
server: OXGW/18.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: nginx
location: https://us-u.openx.net/w/1.0/sd?id=537072966&val=CF3A1C88B3994E7A8DA6C47F7321F72D
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 138
expires: Sun, 17 Apr 2022 20:00:05 GMT

GET
H2

204

g_match
um.simpli.fi/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_cm&google_sc
https://um.simpli.fi/g_match?id=&google_gid=CAESEAofmDv29nHeI4sSPC7JJuY&google_cver=1
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=CF3A1C88B3994E7A8DA6C47F7321F72D
https://um.simpli.fi/g_match?id=

0
320 B

29ms
29ms

Image
text/plain

169.50.137.184
SOFTLAYER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/g_match?id=

Protocol

Server

169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),

Reverse DNS

b8.89.32a9.ip4.static.sl-reverse.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires: Sun, 17 Apr 2022 20:00:05 GMT

Redirect headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://um.simpli.fi/g_match?id=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 229
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame D33E 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 4339
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 18:47:46 GMT
expires: Tue, 18 Apr 2023 18:47:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame F3AC 783 B
534 B 22ms
22ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3221fe7fdd7b5c3c711a84f9c830c54cce3e2673b9cd6e660d4c95fe9a74801f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-e0TpXttoANQgKLx/wVVHAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.windows2universe.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-e0TpXttoANQgKLx/wVVHAQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 18 Apr 2022 20:00:05 GMT
expires: Mon, 18 Apr 2022 20:00:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js Show response
pagead2.googlesyndication.com/bg/ Frame D33E 35 KB
13 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/iDHsPPU-w9vlnufKSHbr26QNWWZn22uKUKQjwtrxHns.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Sun, 17 Apr 2022 21:02:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82639
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13566
x-xss-protection: 0
last-modified: Mon, 11 Apr 2022 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 17 Apr 2023 21:02:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame F3AC 0
0 103ms
102ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022041201&jk=3634674440186744&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame D33E 0
9 B 16ms
15ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?0tiB0g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Mon, 18 Apr 2022 20:00:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 398F 42 B
64 B 40ms
40ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstkiFhovm6SLEvtZ7jnbTIL6MfASH5GJ9fOj05iMx9361bTDtSOifgd62YpcHezo07DeldoyMJfjTzbaxFfDBDr&sig=Cg0ArKJSzAwATUMR6ZV3EAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220413&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1136797986&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650312004255&rpt=338&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 52ms
51ms Image
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022041201&jk=3634674440186744&bg=!DQ6lDkrNAAZvJBiFTyQ7ACkAdvg8WmkfmOWUR8IKn9V4eFXpl2DJPc0__Ktd3VV--0qoWZaaZw5kkQIAAABhUgAAAAJoAQcKAPO3_ToLAItE5rPWcW7W9lI8jSHMOtdhTi5lcsrPFPhKNkq6bJDPeH8qozGm6TqhjuHxH9_dyQcgVfF2uDX3LQajHltD03FeBGwr2KqjXJDDl7jC4IhxBfDEHIbfhhKbt6sJaTNAfpJA-JsG9b_3iQyB5o_5agKLPUlSjAd6EBbUVrcTTiiU_dQsndpluld_o1pE39dneCfXvjzHNmjLz7J0eiIeE--z5JaqN7DwxfuRIoA9QoZ_WxBqbXbJBXEsPGluCxoWQCtUvLt1h-0KcJ30UHY_DHX9sapjivOQxM8IvnV9w0_yk8dpP9Jgne2ZwR0w6I-ZApu-pSswf3zh82rdF440b7SHV_sFYldIpxjfyDT0Oh7CeZe6PcZ6BT88D4Ydqme1bP7y6g8AoPqtCUbjv3XieT1q3IclTNyUB1wfaJ0wfXKM0AsEyOYcbFaP5h_vJ6G5gNRoT6vhmfhAbOFcu-FA6BruLdust3kAA69WKkIqN7puirsp7xjsonoPcZhhko_H-SXr0uP2NDQ52QQlCWPVYhvBFhXeO-OI1t1NnuP1uWo1wabkbhuVEQVtOkFnc4MwnoP5YMYF8f5bIp6_ZaUERwHF5SZSBg4vQKd9gAk_9WUgzZb9CCYebTX9tmc7GEMyM-C6aGVb5bDp5Yi1xTQJzBJDy9vB3-kMX22t_GMA5EHvBnAkvcpunF7FQUkmu9U2-Z3iDnbGPbRilPptvGDKj6xiG7e97Z2Em7W1SWFQHTRh53kamBdosmq793jFLA3qv4K7IHYezqYyHTn7e9Kv5RYHDKVJoFeGEeZau-qnQGovFVS_1gAGnlaPAZkrEmUOTgLkoGt2kHyKuqEKxCqQtL33mYje_NZb2fVnVeZOkKvXBQR1uVxx_thGE-6gOD-aZk60O3Q6gXP_cn3aBv6fmpPWuc3GcA0t0bdDNmUV6mC7VkTzXTltWLHKiL9mPYthctrH0hulIruchCrLudNTs4OaP_8_jIgmwqpjgcCwNrjedEGxxgvp8dzXABtCyM7R9wRgLsFdw07y3QgwaqXoTFZxvcpu9Pg9WDjEZQdQdJzlyq_hIdiPdfiVu03tk1FNR9yd59W2aCSsAQN1X8ol6UHsvvFYm0OmIUmiJf008vvATy8myoAaRQw2ln5eudbTrQswltHbDKwMHUauE31n4tqhAZqEW2uwOEvFqQTdVoGj7mZZ4PynUzyLx3Rw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.windows2universe.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame C0E8 0
127 B 15ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 20:00:04 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 406B 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssXkCtZReBLYZcOxUH3bzyqupB3Y4_eXtaHKko09SUtVBaYvnySxOSgcUpFLlalbNGzLn6fT_Cje1_JVbmji5bY&sig=Cg0ArKJSzGq6a9NrYaNmEAE&id=lidar2&mcvt=1001&p=539,294,1139,454&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20220418&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2676734165&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650312004746&rpt=158&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 18 Apr 2022 20:00:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9666 0
127 B 16ms
15ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 18 Apr 2022 20:00:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: c.compete.com
URL: https://c.compete.com/bootstrap/s/1d3a8cb11daf54e5c6ac580623fdf64c/windows2universe-org/bootstrap.js

Domain: bit.ly
URL: http://bit.ly/1ctW8Bo

Domain: www8.glam.com
URL: http://www8.glam.com/js/widgets/glammedia_logo.js

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/services/feed/load?v=1.0&callback=jQuery17207754389378952278_1650312003723&q=http%3A%2F%2Fnsf.gov%2Frss%2Frss_www_discoveries.xml&num=10&output=json_xml&_=1650312004173

Domain: ajax.googleapis.com
URL: http://ajax.googleapis.com/ajax/services/feed/load?v=1.0&callback=jQuery17207754389378952278_1650312003724&q=http%3A%2F%2Fwww.nasa.gov%2Frss%2Fbreaking_news.rss&num=10&output=json_xml&_=1650312004174

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

164 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

38 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.windows2universe.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 5p7clirc2t2h9v234ba4v7dgh5
.scorecardresearch.com/	1970-01-20 19:42:00	Name: UID Value: 14F9c7c23fe4bfb6ce66a1a1650312003
.windows2universe.org/	1970-01-20 19:56:24	Name: _ga Value: GA1.2.2089032751.1650312004
.windows2universe.org/	1970-01-20 02:26:38	Name: _gid Value: GA1.2.1150495605.1650312004
.windows2universe.org/	1970-01-20 02:25:12	Name: _gat Value: 1
.windows2universe.org/	1970-01-20 19:56:24	Name: __utma Value: 154809790.2089032751.1650312004.1650312004.1650312004.1
.windows2universe.org/	1969-12-31 23:59:59	Name: __utmc Value: 154809790
.windows2universe.org/	1970-01-20 06:48:00	Name: __utmz Value: 154809790.1650312004.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.windows2universe.org/	1970-01-20 02:25:12	Name: __utmt Value: 1
.windows2universe.org/	1970-01-20 02:25:13	Name: __utmb Value: 154809790.1.10.1650312004
.simpli.fi/	1970-01-20 11:12:14	Name: suid Value: CF3A1C88B3994E7A8DA6C47F7321F72D
.quantserve.com/	1970-01-20 11:55:26	Name: mc Value: 625dc343-ed435-78895-ca242
.windows2universe.org/	1970-01-20 11:49:40	Name: __qca Value: P0-850126228-1650312003948
www.windows2universe.org/	1970-01-20 11:54:00	Name: __atuvc Value: 1%7C16
www.windows2universe.org/	1970-01-20 02:25:13	Name: __atuvs Value: 625dc344c3397a13000
.addthis.com/	1970-01-20 11:54:00	Name: uvc Value: 1%7C16
.doubleclick.net/	1970-01-20 11:46:48	Name: IDE Value: AHWqTUnrSzEqsuQxqTuKUq_e8CmbjAwTly60J6_FTYSQOD0yji3jKR270n4Vvvep9ls
.windows2universe.org/	1970-01-20 11:46:48	Name: __gads Value: ID=fc9a7619253c4b3e-22f258e579cd0071:T=1650312004:S=ALNI_MZT851BzGHHz3mXXQv5h_zxaEuyKA
.addthis.com/	1970-01-20 11:54:00	Name: loc Value: MDAwMDBFVURFU0wyMjkyMTg2MTAwMzAwMDBDSA==
.simpli.fi/	1970-01-20 02:35:16	Name: uid_syncd_secure Value: true
.doubleclick.net/	1970-01-20 02:25:15	Name: DSID Value: NO_DATA
.3lift.com/	1970-01-20 04:34:48	Name: tluid Value: 2446616248167953070385
.tapad.com/	1970-01-20 03:51:36	Name: TapAd_TS Value: 1650312005179
.tapad.com/	1970-01-20 03:51:36	Name: TapAd_DID Value: 4e689bcd-58ef-4043-a588-257b08230094
.tapad.com/	1970-01-20 03:51:36	Name: TapAd_3WAY_SYNCS Value:
.agkn.com/	1970-01-20 11:10:48	Name: ab Value: 0001%3AT%2BJ15o13N%2BmIVJskIWvadXCpJHm9fteW
.spotxchange.com/	1970-01-20 11:10:52	Name: audience Value: 23e909e8-bf52-11ec-bc75-14604df00306
.pro-market.net/	1970-01-20 03:08:24	Name: anHistory Value: "g23aeddm3ymp+2+!#7%.#5#6l9"
.agkn.com/	1970-01-20 11:10:48	Name: u Value: C\|0AAAAAAAAKfB_xQAAAAAA
.pro-market.net/	1970-01-20 06:44:24	Name: anProfile Value: "g23aeddm3ymp+1+1f=1+1g=1+1j=41+rs=s+rt=20010AC800203A001012ACA59BFF1538+s2=(rajww5)+vm=24-CF3A1C88B3994E7A8DA6C47F7321F72D:53-CAESEMvrUIvEyQfe4ncqb0PiwqU"
.crwdcntrl.net/	1970-01-20 08:54:00	Name: _cc_dc Value: 1
.crwdcntrl.net/	1970-01-20 08:54:00	Name: _cc_id Value: 915a6d4a9d6fd648352f70622642305f
.exelator.com/	1970-01-20 05:18:00	Name: EE Value: "8c263835eb3321a6d4e7d8cd02c4f780"
.exelator.com/	1970-01-20 05:18:00	Name: ud Value: "eJxrXxzq6XKLQcEi2cjM2MLYNDXJ2NjIMNEsxSTVPMUiOcXAKNkkzdzCYHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDAYEl%252BUWb6IhfXxUUpaQyLSopPBR%252BQVwQAjbgpYA%253D%253D"
.adnxs.com/	1970-01-20 04:34:48	Name: uuid2 Value: 1861481090363334956
.adnxs.com/	1970-01-20 04:34:48	Name: anj Value: dTM7k!M4.FE:2jUF']wIg2Hb]vjioH!1yIE`fSBTDCk7#?O0j<Jz7@P^b+E._szg`KM5A24npU3K?H3=46B@5I^4>gu6iVG#DI2Z#DIgl#XseWD5)DX
.bfmio.com/	1970-01-20 11:10:48	Name: __141_cid Value: CF3A1C88B3994E7A8DA6C47F7321F72D
.bfmio.com/	1970-01-20 11:10:48	Name: __io_cid Value: cdb30568787ba544349bbb49053b26f4b822c9b3

11 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://c.compete.com/bootstrap/s/1d3a8cb11daf54e5c6ac580623fdf64c/windows2universe-org/bootstrap.js Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
javascript	warning	URL: https://www.windows2universe.org/JavaScript/jquery.min.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://bit.ly/1ctW8Bo, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://www.windows2universe.org/JavaScript/jquery.min.js(Line 3) Message: Mixed Content: The page at 'https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp' was loaded over HTTPS, but requested an insecure script 'http://bit.ly/1ctW8Bo'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://www.windows2universe.org/JavaScript/jquery.min.js(Line 3) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://bit.ly/1ctW8Bo, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp Message: Mixed Content: The page at 'https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp' was loaded over HTTPS, but requested an insecure script 'http://www8.glam.com/js/widgets/glammedia_logo.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.windows2universe.org/JavaScript/jquery.min.js(Line 3) Message: Mixed Content: The page at 'https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/services/feed/load?v=1.0&callback=jQuery17207754389378952278_1650312003723&q=http%3A%2F%2Fnsf.gov%2Frss%2Frss_www_discoveries.xml&num=10&output=json_xml&_=1650312004173'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://www.windows2universe.org/JavaScript/jquery.min.js(Line 3) Message: Mixed Content: The page at 'https://www.windows2universe.org/mythology/coyote_milkyway.html&lang=sp' was loaded over HTTPS, but requested an insecure script 'http://ajax.googleapis.com/ajax/services/feed/load?v=1.0&callback=jQuery17207754389378952278_1650312003724&q=http%3A%2F%2Fwww.nasa.gov%2Frss%2Fbreaking_news.rss&num=10&output=json_xml&_=1650312004174'. This request has been blocked; the content must be served over HTTPS.
network	error	URL: https://www.windows2universe.org/php/404error.php Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://static.criteo.net/design/dt/90764/220415/cd5a9124eb554bc892078416ea9712f5_image_ad_160x600.gif Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://idsync.rlcdn.com/419566.gif?partner_uid=CF3A1C88B3994E7A8DA6C47F7321F72D Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&dpi=2124307461&pcid=CF3A1C88B3994E7A8DA6C47F7321F72D Message: Failed to load resource: the server responded with a status of 403 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

147018d5088a9d9ca03204806b13a401.safeframe.googlesyndication.com
aa.agkn.com
ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
bcp.crwdcntrl.net
bit.ly
c.compete.com
cat.nl.eu.criteo.com
ce.lijit.com
cm.g.doubleclick.net
connect.facebook.net
csm.eu.criteo.net
d.agkn.com
eb2.3lift.com
engine.multiview.com
fei.pro-market.net
googleads.g.doubleclick.net
i.simpli.fi
ib.adnxs.com
idsync.rlcdn.com
loadm.exelator.com
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pbid.pro-market.net
pix.eu.criteo.net
pixel.quantserve.com
pixel.rubiconproject.com
pixel.tapad.com
rtb.fr.eu.criteo.com
rules.quantcount.com
s.zkcdn.net
s7.addthis.com
sb.scorecardresearch.com
secure-gl.imrworldwide.com
secure.quantserve.com
securepubads.g.doubleclick.net
simplifi.partners.tremorhub.com
ssl.google-analytics.com
stags.bluekai.com
static.criteo.net
static.xx.fbcdn.net
sync.bfmio.com
sync.intentiq.com
sync.search.spotxchange.com
tpc.googlesyndication.com
um.simpli.fi
us-u.openx.net
v1.addthisedge.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagservices.com
www.windows2universe.org
www8.glam.com
z.moatads.com
ajax.googleapis.com
bit.ly
c.compete.com
s7.addthis.com
www8.glam.com
104.89.42.102
13.225.80.89
142.250.185.130
142.250.186.98
169.50.137.176
169.50.137.184
172.217.23.98
178.250.0.162
178.250.2.135
178.250.2.148
18.198.193.48
185.94.180.125
2.18.232.170
2.20.157.238
216.52.2.19
23.23.134.191
2600:1901:0:8eee::
2600:1f18:612b:4216:4bb:825e:5e5f:d97a
2600:9000:223c:1a00:6:44e3:f8c0:93a1
2600:9000:223c:7400:1e:a43d:b640:93a1
2620:116:800d:21:f916:5049:f87f:108e
2a00:1450:4001:800::2002
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2002
2a00:1450:4001:810::2004
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4016:808::2003
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.239.97.35
34.254.143.3
35.178.150.13
35.227.248.159
35.244.159.8
35.244.174.68
37.252.173.215
52.208.103.128
52.222.214.42
69.167.170.156
69.173.144.165
76.223.111.18
99.86.7.34
007276382e4e3f77c660fb7488fec524a21f7893a736db96dca415012a25075e
02af7e03520b6699b7eff36516fcd9fc000f00f6388f8ddeac599d00a76e6d0f
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
05b560ab56271abfee4553e439a6efdec2fdc1d28f14186524fab5882121ec50
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
1be515e7b4ddcccb53b211559aa36a818a698addeb211e90e4b7e5cb83c199bd
2bf17d62ecb410efcb1a43f30e8bc759767b9772a82f66cc52f548309efc8586
2c25517a57ed3ca89bcf0ecf539c6b232555a1530946ee91b2a273c8a2bfcb73
2d211ba7d50b52f27e72efa6039ef173f10088be5828d24fc796405ded5c33b7
2ed88dc1fd1ea62fe8d57f584b4125831229f94ff9a7a9103db12c8fa1b984f0
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2fc3c66638d98c642cd16af118f2c4478703746dced8fa304c78ed1bbe6e3e08
31af3c58ad1d258a9b83a7e2f099895b98eb42c95ff4dd775f6bda5ea67de23e
3221fe7fdd7b5c3c711a84f9c830c54cce3e2673b9cd6e660d4c95fe9a74801f
3331a0486cb3e8a75c8c2fdf02bf80fd8fe2b811dfe5c7b4aa892d38bfcf604a
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
35001f707e205553617d157945c385c0602c77cbba438d6c161e307e067e262f
3769f5b84f2f3c8e4da085a3a576ecb6212ccfdf72ec3b9c3501dcecc0a339ee
3abdf42fc8d5efa09059aceac49f90a364c2125a8af3fd06890ce0a770889381
3bd42f8caf5cd77cea9b080cee75de386d0524c44f44037ad3a7e7b35a7a9ab9
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
4064f00ebcd7bba592f1fdddaae0f61bba5975bfafd0b6bc29654d625ae44220
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4caa2b4b885d62d25d986de63c6e3163f9c7da374d9b76bc4a412b61d4f2975d
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5014787a190348583c48577dcd9bbee6dd619ec401cc2b2f039aa6968450d3e2
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
579bc4adea57f3a03b323fbbeaa32979dac776934005ca7ca2c2a6ee3dbabdde
5d72baf843ad0871b37bfce6742b9d13f2d246b74f57bce146af910c128cda4f
5e11460dbd398613c4a9f5ea381c7e4bedba60a97dcbad973f007ae9e3337f26
5f3256e40bb12b17c6735ad618d5c809fd35ee237c9118633de33fa2b6deecc4
6096663b5f8e117be1e54c224af1624a4fb08245914e6d6940003f8a535e1780
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62532bf264b927bbf8dea81fbcd94d069c1f536446cfdaf4e3cf6032ba13c6a8
62903103b62931827a58bf885503dfebe78b76dd92e2becab8ce1b92e3650bfa
641f86461a1b1ed278ca18cc153edbdcab2cad79d146baf07c8c441e7ded3503
66adb1d53a9dc58378017ccf9c5699a9ff13d74a462ab13ad81c9d8c1395d67c
694bace268fdfb158ad1e284bf342ab8a525cea66bf0bbfad6afb027dbb26c97
6b11ce6e90b2e5e0baf285f7034f0b92c433d28081c75229b5690a71562e8341
6c2ef5f8b2cd3020f002b8b156df1bfc49265bb8a22d8e4a43d865c72eb4ef35
708369fe8dc1fd8fce92d3a7078852bb50ba4ba1a1884b1358c3bf03e1670d50
7700f3853a3e280c99c49e25d14b0f91fbf4f78940f7d9f9514d004d0a7de32f
7850f5162307188cc001805fc7ef09291bccd1cc1453310ab71a0a93dbc3b17c
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7cfe24f5bdcac4e32babe5dc529992067ee6778aba29bd7019173efcd25bb2e8
7d9cb37caa42884ecf576d900ed098198383466e3f19ee270e50207e9d32452e
7df4cb1633e792be6111befe4599578305e9c781180a6969dff468d0ed52a2e2
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
85576c0a7221d9cc35b8c28768c64e161cd4a436636965fb4a1b93b3cf708392
86e4943d398373e2ca55c47098e2235d10c6dd969bd1c21ce38f9d32fe77de2c
8831ec3cf53ec3dbe59ee7ca4876ebdba40d596667db6b8a50a423c2daf11e7b
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
9331eb7e85a74202ac9bed8a0caf090a18822dc4c3e9b7075027dbef8cf54f05
960182bb80c02705ad699667ae8b81df296852d86184e724f1bd2cbbef204d3a
9831e5b4e79a7b80a69a4d83d86fafc4c8e80fad4d14d27796f7eef4b686ba66
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
9c045c3bbf35955cb61448274ae428f1df5c56a188483ef0f0b88b1c5f4e81fb
9d31b69298cad4866d2a1af53f0adbc928395152d30e296f95f43d1d8d9877b1
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d5c1bfe43c8beefab2fa059f4fcaa029fcbbace9a672aae1dfe1ffb7d6976c
aad2b6d960df65a46563c335ca5dbf6f4da009ef0c0e3c6728d7c3173958349f
ad12953f985aedeafb10735b915e498cc08b4b048729c1af1bdf74b73668de78
ae1662349ff25bf23f2d8c4d4affd74d2531892eac8dabfd7a05d80459c36583
b009f040ed0a69d8e5a04e722de3cda12c132d4544c441570046b91ab275f14c
b04e00f3b3af4a6a349d45e1770fdc7ff7f3b52c5e1f25969d39b5b044446e30
b30038ff51590d98c5560f6925bc1a5e4e6296b29e1cfced2316c7bbdb6000d2
b5cfb5f412d44a72b9dc9b092eb32062200f5c3c56aada240cee84d145426eab
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
c05e33e6c4251ad52eb977a7c942acd52fca8c4bb96d109d3314160e447a0e27
c5310da996059d2311be21f8f1026610420a6a6d4c3e884c6b4a47c960bc06be
c9d96580cfced42e0bdf0b99f2b84c18d575eacbb661bce8578a2bb7b4dacafe
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cdb099d5f363aaa9f0206eb50506ee62861cd77d5a1970f36f8a55f8d4eb4d8d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfb1b78204132272b5f0dd5fd971b828918252563e2eeaedb489bfb8ce90529f
d63da2e49d2fd98990a5c28526a97860a20587e6f61e9ff4947db794d77ac9e6
d6447b819f1671061eaef6eb9a388b162c8714aed75720e7e4a579f738e30cb6
d7e4910b3f2fc40786be72fd0f7afda7086062b1d0454c8a6d648b7802091dcd
d86f1e2508820eb7b58047a9248e8af57d5d9e07eadcae2f8b9a1cc5a5c79076
d9ac5a66638127e9742b09bdf7e22c1d2bf5faf2e38ea98c6340f1cfa1175835
da7e7af997544d4978478262acb934fa42edac627b3a06fb8fe40bfbd83ac6f8
dbb3b14725a5dc6385bc87f9db286c819b01ed119b3df72b6123992dd2aca312
dfabf314eb290e1380ca49411f6ca0fa0afb2498026179891f48bbc1932c29aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4437a6072c1b0fe27201c8502ebf929163be94fafce33b7607315043f70b0e7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7bc5bc2886bd94371d1bbc5f7695fd6b93cf084fe23829476ffd62601aeef55
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
edaba74200deef32f7a4b762c277ebdc3c9947d6908d054e8314239d0c382ef2
edc2c81d24fe484d31a9017e87f607e90a78a8c83128b6b00b3c897754322b90
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef66566d2af26e162baef41cdaaffa175265d3b44fe2bde2b1d874b0ed258e38
f35c450b1d2e0a0a60ade72a601c8282fb43e6b37330c2948d5e6413227e0eb3
f4e94abb6f76a388583d4a1fe4d4a90f95e371ba7e6b37615cd4623e3b7d6a74
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f6b23c275a7f500e3d806f994bc27687e90c3038f427d12fff8db0c2a7d5e513
f7afd4eab4a7b7c8879e482ade374aa201e6a487053da9d6b5ef1c8fa2ee3d38
f9087ac7d22dd75cc18e8a7ae72e04984c7395b6bc92819c79e0b3d09db6ef55
f9c00cac4a6a4ece76796facc4f0bcb533542cdd68352bfbd56b2f7fc414c66e

www.windows2universe.org Open in urlscan Pro 69.167.170.156 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

169 Requests

85 %HTTPS

42 %IPv6

43 Domains

60 Subdomains

47 IPs

7 Countries

2051 kBTransfer

4438 kBSize

38 Cookies

21 Outgoing links

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.windows2universe.org Open in urlscan Pro
69.167.170.156 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

85 %
HTTPS

42 %
IPv6

43
Domains

60
Subdomains

47
IPs

7
Countries

2051 kB
Transfer

4438 kB
Size

38
Cookies

169 HTTP transactions
3 data transactions