soyztreid.website Open in urlscan Pro
2606:4700:3037::6815:540e Public Scan

Go To Rescan
Add Verdict Report

URL:
https://soyztreid.website/vtags6.html
Submission: On February 19 via manual (February 19th 2024, 1:04:24 pm UTC) from UA — Scanned from DE

Summary HTTP 90 Redirects Behaviour Indicators

Summary

This website contacted 18 IPs in 3 countries across 10 domains to perform 90 HTTP transactions. The main IP is 2606:4700:3037::6815:540e, located in United States and belongs to CLOUDFLARENET, US. The main domain is soyztreid.website.
TLS certificate: Issued by GTS CA 1P5 on February 16th 2024. Valid for: 3 months.

This is the only time soyztreid.website was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2606:4700:303... 2606:4700:3037::6815:540e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
16	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4 6	2606:4700:303... 2606:4700:3033::ac43:dcb4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
14	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
4	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:81c::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
23	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
90	18

2 2606:4700:3037::6815:540e (United States)

ASN13335 (CLOUDFLARENET, US)

soyztreid.website	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:3033::ac43:dcb4 (United States) 4 redirects

ASN13335 (CLOUDFLARENET, US)

softoroom.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:81c::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 689 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 8417 csm.eu.criteo.net — Cisco Umbrella Rank: 7991	499 KB
30	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 120 tpc.googlesyndication.com — Cisco Umbrella Rank: 158	629 KB
12	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43	112 KB
6	softoroom.org 4 redirects softoroom.org	3 KB
4	gstatic.com www.gstatic.com fonts.gstatic.com	57 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 141
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 7905 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 13432 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9712	64 KB
3	google.com 2 redirects www.google.com — Cisco Umbrella Rank: 2	863 B
2	googleapis.com ajax.googleapis.com — Cisco Umbrella Rank: 434 fonts.googleapis.com — Cisco Umbrella Rank: 48	32 KB
2	soyztreid.website soyztreid.website	3 KB
90	10

	Domain	Requested by
23	imageproxy.eu.criteo.net	ads.eu.criteo.com
16	pagead2.googlesyndication.com	soyztreid.website pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
7	static.criteo.net	ads.eu.criteo.com
6	softoroom.org	4 redirects soyztreid.website
4	www.googleadservices.com	soyztreid.website
3	www.gstatic.com	googleads.g.doubleclick.net
3	www.google.com	2 redirects tpc.googlesyndication.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	soyztreid.website	soyztreid.website
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	fonts.gstatic.com	fonts.googleapis.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	ajax.googleapis.com	soyztreid.website
90	17

This site contains no links.

Subject Issuer	Validity	Valid
soyztreid.website GTS CA 1P5	`2024-02-16` - `2024-05-16`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2024-01-29` - `2024-04-22`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://soyztreid.website/vtags6.html
Frame ID: E0378B0F846E18E59046A09CBFE50CE7
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html
Frame ID: 4CD658763B28F822213A99C0AC80DD7F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&h=90&slotname=3871139047&adk=1407361067&adf=2156361760&pi=t.ma~as.3871139047&w=728&lmt=1708347860&format=728x90&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&alternate_ad_url=https%3A%2F%2Fsoyztreid.website%2Fweb-content.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347859923&bpp=2&bdt=284&idt=153&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&correlator=6172146610771&frm=20&pv=2&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=164
Frame ID: 234025DD85CE3B765BF3AA59E3A54B73
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&h=280&slotname=3487995663&adk=3238957472&adf=595924912&pi=t.ma~as.3487995663&w=1200&fwrn=4&fwrnh=100&lmt=1708347860&rafmt=1&format=1200x280&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347860096&bpp=1&bdt=457&idt=1&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6172146610771&frm=20&pv=1&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=3
Frame ID: 47A501CEF4CD51C2E755F7D02244454F
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&adk=1812271804&adf=3025194257&lmt=1708347860&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347860107&bpp=2&bdt=468&idt=2&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1200x280&nras=1&correlator=6172146610771&frm=20&pv=1&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=5
Frame ID: 693E94C9D6D3E38C0A2EAD56C28E2203
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: E8CB37DCC216B1E129CB23FA25717BCD
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 74BB6D37728DC7BB05D69D8B7493B8F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 1B7A2D7F5AF360CE06736B63E3CB01C5
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdNR1AAC94wE0b3UAAFWZOAh4IQYObNxbnAegg&u=%7CzbEcaLPsfFDVR6LHHlBB4npx%2Bko43NalYNMJPwCu3pE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869Pw3g1l6XVz7uQqB7wKn_iMuAsExwkSnmr4kniL9tzuXaGBQh3htBGO24utRXu3yOAxQ5vB0WGs5KWX1fwlwc6jXODO2ZYavRecV44IGXjZHxo5r-icqPFqs1fRutlPYkilvYF9lm8Atj0f3fQmRplDaRoMto-bjOCSWiY--r2vXd_-nrhOHUXUvyyOXZH_cLSk-c29M9CEogzGqxIcl-H2TMHjcGGP2GQqA7v4Vp3EXZREnQuO_Izi7ZWKcJaszYeqVzqNjKZi7ccIaxkUiGhge1yCArokps_4uidwlh4usUeAW3M-eNuh4-m4mhMtfILQZR_FtYiJsiB468QHHXdtiH_3nBxp2rEkmYpwFI4o8RV9YUT0-1-9rtKYdKZvAJWBaLXPpnFhuqsfihpKrPvAgwgaw5pY-6QcFH7qEzShKQeaD8Z_GwnSZiGJ2e7ay0saxNgjOry9VK1SHseHLUVRAxBPlCWpuDHGsGtunV8hdDrVidAGukbxQCINP_LCETvWHgYoYpSG8c8iy5vCCWz3u9l9P6TmFrRrvc84-3fE0O9AB6-jw7hkAAl200mm_PXkrZIIg3Jaz7Mkr8QqhwPjdTYHzL0uUQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHnhB1FHTZYzvC9T7xtYP5KyFmAvJntKxXL3plfdwwI23ARABIABglZKggrAHggEXY2EtcHViLTc3OTM2NjM5MzczNjcxODjIAQmpAuwUsmdyFLI-qAMByAMCqgTHAU_QoOVuNQHEwAXOmUsUFdUuREe7jlNQSMic5lP1PoESJ6G5zDbljxOiNrmRY_aTJWs0-kstQ5JsQhgvFnI7hH4ezLNzrPCBBWNEdTQOgD-P7C8Bm_sZ1FMr4D5nTwLU2zG9ZP2SJzCj39LD7Oc9vazzjfenZB07n_LNe-hqhm8qBGDSfNsKGRJDN3FhYci8LgyZDF5xdR-msoXL-EoYOKoC4wkXDFaLXnlPWQGJ3Vp3WPd3292-N04DI37J4vR-yCO3C1bePOWABoTHyqusjrKKrwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICECEi9_cE6WLr07Nq7t4QD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yc_fJN8KUhqidBo_qkbGPWLeEQA%26client%3Dca-pub-7793663937367188%26adurl%3D
Frame ID: 5D06CDC776BF0F1CC836738E2CDDD36E
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: A08FD6BE13EC6FDC7F329889B7CCB7D7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js
Frame ID: 9DBFB8E1457E4DAE072773F7F9977337
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: CCDC480F9380A947C0B91DC869E4CFE1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DE136D9F39A693AC8881EEE3DD89F8C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

SoftoRooM - 2024-02-19 04:04:19

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

96 %
HTTPS

88 %
IPv6

10
Domains

17
Subdomains

18
IPs

3
Countries

1399 kB
Transfer

2962 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 3

https://softoroom.org/qeobin/go.php?sid=6 HTTP 302
https://softoroom.org/qeobin/got.php?sid=6 HTTP 302
https://softoroom.org/style_images/1/back.png

Request Chain 4

https://softoroom.org/qeobin/go.php?sid=7 HTTP 302
https://softoroom.org/qeobin/got.php?sid=7 HTTP 302
https://softoroom.org/style_images/1/back.png

Request Chain 17

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 19

https://googleads.g.doubleclick.net/pagead/adview?ai=CJPkz1FHTZaXiCf7lxtYPqYWgsA_ttMebdajPmrr3EWQQASDCuOAsYJWSoIKwB6ABjJTdpyjIAQKoAwHIA8kEqgTXAU_QbyGjU-tMC-kBnv0AI1FJwGKZ8YaGD7O69mrKds3imzkMA12ITdvWfvJgq4ixSX0KgEsTUJZApaX8Qq8p215qZt8nL-Puq2NFICWjUOmWiVGhrcsKwADplVpQQwpr8Ilq0_mRMZUmTtOHpTqw-wZpFIcaAUX_F1n9ct6ABOynrcJHu5nNiALJNsVGYGsYksCHa1YK3J262JhlwVWTD2gBd2N0iSLCVqFjx99lIe9UWUb-LjhPHUc6m1WxF9TG-2HJZfDolQOm-sN1r6zozhQK6uI7ZB4cwASvsfbMxASIBZPzselNkgUECAQYAZIFBAgFGASgBgKAB4zMrYcDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHr76xAqgH1ckbqAemvhvYBwHyBwQQ39Ud0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpYne3q2ru3hAOaCdABaHR0cHM6Ly9mYXN0ZWFzeS5pby9kZS8_YnJhbmNoLW5hbWU9c2VuaW9yJnRlc3QtbmFtZT1nbzRqZHkmdHJhY2s9dHJ1ZSZ1dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZjYW1wYWlnbl9pZD0yMDg5MDU0ODYyNyZhZGdyb3VwX2lkPTE1NTg1Mzg4NzY2MyZhZF9pZD02ODU5MTg2OTg0MTImdXRtX3Rlcm09JnBsYWNlbWVudD1zb3l6dHJlaWQud2Vic2l0ZYAKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi03NzkzNjYzOTM3MzY3MTg4GAA&sigh=DusI5Vmkcuo&uach_m=%5BUACH%5D&ase=2&cid=CAQSTwAvHhf_pp1csjbsI-VcBtQPixxPrFZwA35bXcYZV0VY91OAtj0vdDxPcHeQTif6zXrHRIGhCggsXk9R-6G8O6Q-YuSCPEwFdu5QCiu1a5wYAQ&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228022061467739474436%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210820733452%22],%2222%22:[%22true%22],%224%22:[%2202-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212116096498187624545%22}&andc=true

Request Chain 44

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 77

https://googleads.g.doubleclick.net/pagead/adview?ai=C-Zbb1FHTZa3ACqOS3rsP44SXsAzTndbobIHp0ZHOEsCNtwEQASDCuOAsYJWSoIKwB6ABxdeHkijIAQGoAwHIA8sEqgTQAU_Q1vY0Wjc_jFLv6k2IjpBsVPVKLcnXR0Fk5REhiGwJsKM3qpbEMBrCtYVX_WXjuvkrczMrZuV8F6fXYBtfSwLWhz-1E7H8ioqTNR7nv29VMkyoEFNiQQw_HdWflJdiN6_J5C2pbGSaFpTnqnG6osqB_rcY9hQPt8aNkxVX5KdA9c77ld5f9_6fIVsgRzYTaiO3-inKFCGQ9fccP8pqHDpevxSZ_sTr44HuPuGTJsb-RM5Sd9IA7BmlWZ2fMz1MLfThpgT1odw4vjJ9Doc20-PABKq8neKIBIgF5KyYrUCSBQQIBBgBkgUECAUYBIAH1oXFrgOoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBCH_DDSCCYIgOGAEBABGB8yAqoCOgmAQICAhICAhAhIvf3BOljIxevau7eEA5oJlgFodHRwczovL2RlLnNvZnR3YXJlLmZpc2gvYWRibG9ja2VyL2Jlc3QtYWQtYmxvY2tlcnM_dXRtX3NvdXJjZT1hYjMmYWlkPWFkYjNkZSZ1dG1fY2FtcGFpZ249MTcyNzQ2Mzk5NzImdXRtX2NvbnRlbnQ9Njg4NTUxMTQyNzA3JmFkZ3JvdXBpZD0xMzk3OTI0NDA4NzSACgHICwHYEwzQFQGAFwGyFxwKGggAEhRwdWItNzc5MzY2MzkzNzM2NzE4OBgA&sigh=6u-oDJ0E_Uk&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_z2_4pAjNHXSgaB7hhTeu7Rr5lR2XL2ewbB6jp21BaYKh7zty31qAdUdmhtHttc5LIuFG-JhklmJz5lSvK_gl06UpKd1em0w1rxgB&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216617770276221934021%22,%22debug_reporting%22:true,%22destination%22:%22https://software.fish%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210775292869%22],%2222%22:[%22true%22],%224%22:[%2202-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222211667043669723889%22}&andc=true

90 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request vtags6.html Show response
soyztreid.website/ 7 KB
3 KB 298ms
202ms Document
text/html 2606:4700:3037::6815:540e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://soyztreid.website/vtags6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:540e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/5.1.6

Resource Hash

ed0c1c517909bbd09a44c30d9b2662778e45c29b5a0c09fad1825e002e9c7470

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 857eb7098c1f670b-AMS
content-encoding: br
content-type: text/html
date: Mon, 19 Feb 2024 13:04:19 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RB%2BI1LRRt8ZI4viO91hZUC2OKY1NuaZiL9s45Fy7KoUrby71CkrBUStO99xoNgtspYgId74z3RQ8rq6uPX3a23jhhw%2Bcz2OtvFik2o%2F4R%2BEfQDejJiKORYAQT%2BNYAT7Bqn9LACgScgQfRS%2FLu3kgwA%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-powered-by: PHP/5.1.6

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.1.0/ 84 KB
30 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.1.0/jquery.min.js

Requested by

Host: soyztreid.website
URL: https://soyztreid.website/vtags6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 21:23:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 488426
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30211
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 12 Feb 2025 21:23:53 GMT

GET
H2 200 tags.css
soyztreid.website/ 0
365 B 187ms
187ms Stylesheet
text/css 2606:4700:3037::6815:540e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://soyztreid.website/tags.css?ver=2a01:4a0:2b::7

Requested by

Host: soyztreid.website
URL: https://soyztreid.website/vtags6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3037::6815:540e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/vtags6.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:19 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400
content-length: 0
last-modified: Wed, 23 Aug 2023 19:57:30 GMT
server: cloudflare
etag: "64e664aa-0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5YLj%2FqEcGzL%2BNqDIcFVhf%2F8Yj00SZAA8rw6ToIwM5IY4GW%2Bjz6s6X8HDE48xTgN17JRKxuPWrZzDu1Y%2BbqkGbF85SeXb3MTkDelIP0qf%2BgeQkuXWPG6LDQ1dwtAm4vI22QIGch2CkH8NWanh7UP6EA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=604800
accept-ranges: bytes
cf-ray: 857eb70ade25670b-AMS
expires: Mon, 26 Feb 2024 13:04:19 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 149 KB
51 KB 74ms
53ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: soyztreid.website
URL: https://soyztreid.website/vtags6.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8e71745ae04d67ff0a9fc05fee0446124bd5655998cb36c96a016b80b66e75d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51450
x-xss-protection: 0
server: cafe
etag: 10580305760766244004
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Mon, 19 Feb 2024 13:04:19 GMT

GET
H3

200

back.png Show response
softoroom.org/style_images/1/
Redirect Chain

https://softoroom.org/qeobin/go.php?sid=6
https://softoroom.org/qeobin/got.php?sid=6
https://softoroom.org/style_images/1/back.png

138 B
664 B

28ms
27ms

Script
image/png

2606:4700:3033::ac43:dcb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://softoroom.org/style_images/1/back.png

Requested by

Host: soyztreid.website
URL: https://soyztreid.website/vtags6.html

Protocol

Server

2606:4700:3033::ac43:dcb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

593b0639e29ef47cabf7abb5dab169803329f5a6a0632edb3c317c361d9f9dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2099494
alt-svc: h3=":443"; ma=86400
content-length: 138
last-modified: Tue, 16 Nov 2021 08:45:31 GMT
server: cloudflare
etag: "61936fab-8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F8eiJUZYJmaXlcSjvT7lWPA2SJJCBCeNfHQsrXtPUrdx3hSCv49UBm1O5AMWq5UGq0xfZ21sKsHbRPLpUv2jjqIVtsv3LzxxEBbyNigPe5ZTXG7k0%2B80xNqxk1aAHUx6vP%2FIecePRSCVJ4jf"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857eb70d7f2122ab-CDG
expires: Tue, 26 Mar 2024 05:52:46 GMT

Redirect headers

date: Mon, 19 Feb 2024 13:04:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.2.17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i8X52Se0LUuwKW%2BPezoK%2FHy8ffWD9XYEthLy2H1SiTXaPEqyux2zVVwe0LKiABey2dzjIRYeqkpsuYdDWKUDJJQ5myBLvce8f6lNM3ifCN096kcbJNh7xar6KVXuQ18PALqWRRKD4mdTKAeO"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=Windows-1251
location: https://softoroom.org/style_images/1/back.png
referer: https://soyztreid.website/
cf-ray: 857eb70cfd68b72a-AMS
alt-svc: h3=":443"; ma=86400

GET
H3

200

back.png Show response
softoroom.org/style_images/1/
Redirect Chain

https://softoroom.org/qeobin/go.php?sid=7
https://softoroom.org/qeobin/got.php?sid=7
https://softoroom.org/style_images/1/back.png

138 B
702 B

38ms
38ms

Script
image/png

2606:4700:3033::ac43:dcb4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://softoroom.org/style_images/1/back.png

Requested by

Host: soyztreid.website
URL: https://soyztreid.website/vtags6.html

Protocol

Server

2606:4700:3033::ac43:dcb4 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

593b0639e29ef47cabf7abb5dab169803329f5a6a0632edb3c317c361d9f9dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age: 2099494
alt-svc: h3=":443"; ma=86400
content-length: 138
last-modified: Tue, 16 Nov 2021 08:45:31 GMT
server: cloudflare
etag: "61936fab-8a"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QlK5cbiTqA2Bpa29F0XhZ4fnbGuj52jknp5OKNLZIc%2FW0CPq%2BmE2D9obN%2F3Sa6qy2Xf3vEfjPfS6lralzN%2FmpNx3%2FHH1USOe5jcTuKhtAIYNjFlzSn80YOag1DgCmVjfBBIdM8AJp8Mmw3kr"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=5184000
accept-ranges: bytes
cf-ray: 857eb70d5eec22ab-CDG
expires: Tue, 26 Mar 2024 05:52:46 GMT

Redirect headers

date: Mon, 19 Feb 2024 13:04:20 GMT
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
x-powered-by: PHP/5.2.17
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yicYwHYxigPD4YbDzxtbgzOeM5efnzbrLiOwuSI0jGzfXlzJ4H8DNLAB1EMiwNuna5CLSJng7ssqocw6uXTp11c6T3pMCPoTIfTi7lmCMRgsK5du2uvQ7pLgv%2Fi%2BhhMy8w7U2sRjRebs%2Fw6o"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=Windows-1251
location: https://softoroom.org/style_images/1/back.png
referer: https://soyztreid.website/
cf-ray: 857eb70cdd4db72a-AMS
alt-svc: h3=":443"; ma=86400

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/ 406 KB
138 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7793663937367188&plah=soyztreid.website&aplac=true&bust=31081079

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d7fe6bebe6484790a986f2bda5eac0697ca0e59b6c427e4a4cb7d8bf79e8919

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 141011
x-xss-protection: 0
server: cafe
etag: 5415194899761148126
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 13:04:19 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/ Frame 4CD6 9 KB
5 KB 29ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soyztreid.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20975
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 07:14:44 GMT
etag: 3890843268177463596
expires: Mon, 04 Mar 2024 07:14:44 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2340 107 KB
40 KB 638ms
637ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&h=90&slotname=3871139047&adk=1407361067&adf=2156361760&pi=t.ma~as.3871139047&w=728&lmt=1708347860&format=728x90&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&alternate_ad_url=https%3A%2F%2Fsoyztreid.website%2Fweb-content.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347859923&bpp=2&bdt=284&idt=153&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&correlator=6172146610771&frm=20&pv=2&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=164

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/show_ads_impl_with_ama_fy2021.js?client=ca-pub-7793663937367188&plah=soyztreid.website&aplac=true&bust=31081079

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58af69039699b6b3b701fbd41e3fae349285ac802ab66d0bbc2decf17000d55b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soyztreid.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 40920
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:20 GMT
expires: Mon, 19 Feb 2024 13:04:20 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 47A5 131 KB
44 KB 1134ms
1134ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&h=280&slotname=3487995663&adk=3238957472&adf=595924912&pi=t.ma~as.3487995663&w=1200&fwrn=4&fwrnh=100&lmt=1708347860&rafmt=1&format=1200x280&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347860096&bpp=1&bdt=457&idt=1&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6172146610771&frm=20&pv=1&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

648b6ff7e0f4857edd88a6a6d572d2e4da342c636202853b8e9e334f12ed430b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soyztreid.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 44979
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:21 GMT
expires: Mon, 19 Feb 2024 13:04:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 693E 58 KB
19 KB 981ms
980ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&adk=1812271804&adf=3025194257&lmt=1708347860&plaf=2%3A2%2C7%3A2&plat=3%3A128%2C4%3A128%2C8%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x675_l%7C500x675_r&format=0x0&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~16&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347860107&bpp=2&bdt=468&idt=2&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C1200x280&nras=1&correlator=6172146610771&frm=20&pv=1&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cc0b7a0005342aa4ee56663a92c7e40b74499d5f9a6c07f4138a2a447425428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soyztreid.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19282
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:21 GMT
expires: Mon, 19 Feb 2024 13:04:21 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 3708546864978403706
tpc.googlesyndication.com/simgad/ Frame 2340 61 KB
62 KB 36ms
13ms Image
image/png 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3708546864978403706?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4ql1e1hz8VNTeFhhY5_ZS-mt3RlvTw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&h=90&slotname=3871139047&adk=1407361067&adf=2156361760&pi=t.ma~as.3871139047&w=728&lmt=1708347860&format=728x90&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&alternate_ad_url=https%3A%2F%2Fsoyztreid.website%2Fweb-content.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347859923&bpp=2&bdt=284&idt=153&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&correlator=6172146610771&frm=20&pv=2&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a8af0d7742cc52631e0a3bcba2b4dc3d85516733dbe365c95e80897069d458cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 12 Feb 2024 17:45:34 GMT
x-content-type-options: nosniff
age: 587926
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62726
x-xss-protection: 0
last-modified: Wed, 16 Aug 2023 10:08:38 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 11 Feb 2025 17:45:34 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 2340 23 KB
9 KB 31ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 10:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 10:14:41 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2340 3 KB
1 KB 30ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 10:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10179
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 10:14:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2340 20 KB
8 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72299
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2340 204 KB
61 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 639
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 13:53:41 GMT

GET
H2 200 one_click_handler_one_afma_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 2340 36 KB
14 KB 40ms
20ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 17:20:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71050
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14610
x-xss-protection: 0
server: cafe
etag: 17234995959194474601
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 17:20:10 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8CB 143 B
166 B 7ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&h=90&slotname=3871139047&adk=1407361067&adf=2156361760&pi=t.ma~as.3871139047&w=728&lmt=1708347860&format=728x90&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&alternate_ad_url=https%3A%2F%2Fsoyztreid.website%2Fweb-content.html&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347859923&bpp=2&bdt=284&idt=153&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&correlator=6172146610771&frm=20&pv=2&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=436&ady=47&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=164
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2008
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 12:30:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame E8CB
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

21ms
20ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:20 GMT
expires: Mon, 19 Feb 2024 13:04:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:20 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 2340 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e766c1471a8b202a3ac255424bf20bb681609c66c1172453092f5c5b423d729

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 2340
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CJPkz1FHTZaXiCf7lxtYPqYWgsA_ttMebdajPmrr3EWQQASDCuOAsYJWSoIKwB6ABjJTdpyjIAQKoAwHIA8kEqgTXAU_QbyGjU-tMC-kBnv0AI1FJwGKZ8YaGD7O69mrKds3imzkMA12ITdv...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228022061467739474436%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%2...

0
0

53ms
38ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%228022061467739474436%22,%22debug_reporting%22:true,%22destination%22:%22https://fasteasy.io%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210820733452%22],%2222%22:[%22true%22],%224%22:[%2202-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2212116096498187624545%22}&andc=true

Requested by

Host: soyztreid.website
URL: https://soyztreid.website/vtags6.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"8022061467739474436","debug_reporting":true,"destination":"https://fasteasy.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10820733452"],"22":["true"],"4":["02-19"],"6":["true"]},"priority":"500","source_event_id":"12116096498187624545"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Feb 2024 13:04:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Feb 2024 13:04:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"8022061467739474436","debug_reporting":true,"destination":"https://fasteasy.io","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10820733452"],"22":["true"],"4":["02-19"],"6":["true"]},"priority":"500","source_event_id":"12116096498187624545"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 74BB 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 07:18:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20776
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 07:18:04 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 76ms
39ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 19 Feb 2024 13:04:20 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/ 165 KB
56 KB 51ms
50ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402080301/reactive_library_fy2021.js?bust=31081079

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e9f76c9b950564faa674d0c8b7ba79b26602f52e909352de531cf07fea0a1233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57043
x-xss-protection: 0
server: cafe
etag: 5549016483235476976
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 13:04:21 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 38ms
38ms Image
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&hl=ru&pvc=3003548383317364

Requested by

Host: soyztreid.website
URL: https://soyztreid.website/vtags6.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 13:04:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/ Frame 1B7A 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soyztreid.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 20830
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 07:17:11 GMT
etag: 3890843268177463596
expires: Mon, 04 Mar 2024 07:17:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5D06 222 KB
63 KB 368ms
89ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdNR1AAC94wE0b3UAAFWZOAh4IQYObNxbnAegg&u=%7CzbEcaLPsfFDVR6LHHlBB4npx%2Bko43NalYNMJPwCu3pE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869Pw3g1l6XVz7uQqB7wKn_iMuAsExwkSnmr4kniL9tzuXaGBQh3htBGO24utRXu3yOAxQ5vB0WGs5KWX1fwlwc6jXODO2ZYavRecV44IGXjZHxo5r-icqPFqs1fRutlPYkilvYF9lm8Atj0f3fQmRplDaRoMto-bjOCSWiY--r2vXd_-nrhOHUXUvyyOXZH_cLSk-c29M9CEogzGqxIcl-H2TMHjcGGP2GQqA7v4Vp3EXZREnQuO_Izi7ZWKcJaszYeqVzqNjKZi7ccIaxkUiGhge1yCArokps_4uidwlh4usUeAW3M-eNuh4-m4mhMtfILQZR_FtYiJsiB468QHHXdtiH_3nBxp2rEkmYpwFI4o8RV9YUT0-1-9rtKYdKZvAJWBaLXPpnFhuqsfihpKrPvAgwgaw5pY-6QcFH7qEzShKQeaD8Z_GwnSZiGJ2e7ay0saxNgjOry9VK1SHseHLUVRAxBPlCWpuDHGsGtunV8hdDrVidAGukbxQCINP_LCETvWHgYoYpSG8c8iy5vCCWz3u9l9P6TmFrRrvc84-3fE0O9AB6-jw7hkAAl200mm_PXkrZIIg3Jaz7Mkr8QqhwPjdTYHzL0uUQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHnhB1FHTZYzvC9T7xtYP5KyFmAvJntKxXL3plfdwwI23ARABIABglZKggrAHggEXY2EtcHViLTc3OTM2NjM5MzczNjcxODjIAQmpAuwUsmdyFLI-qAMByAMCqgTHAU_QoOVuNQHEwAXOmUsUFdUuREe7jlNQSMic5lP1PoESJ6G5zDbljxOiNrmRY_aTJWs0-kstQ5JsQhgvFnI7hH4ezLNzrPCBBWNEdTQOgD-P7C8Bm_sZ1FMr4D5nTwLU2zG9ZP2SJzCj39LD7Oc9vazzjfenZB07n_LNe-hqhm8qBGDSfNsKGRJDN3FhYci8LgyZDF5xdR-msoXL-EoYOKoC4wkXDFaLXnlPWQGJ3Vp3WPd3292-N04DI37J4vR-yCO3C1bePOWABoTHyqusjrKKrwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICECEi9_cE6WLr07Nq7t4QD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yc_fJN8KUhqidBo_qkbGPWLeEQA%26client%3Dca-pub-7793663937367188%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f0a7e5f8ef07a8c14a667788ed888d332652903d864775b85d27a1de8a7f2f3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:20 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=PKmKozz_O-7Me21VyVOUkVGN7wlWEJWj70ZKZCr8dyirDvTFSpmvXVOPMMgaOW_kPgRyjfXXxRL2WpnI1xXSnOft0bOJEGauvEAJSo_gn0RXU6AfYwX7kGBWMHzYtL_D36X8L2atC_4oy1HjXQgRQ2vVsuIJ71OFhd0MYni85GW-S5laat8_I4-ycdbaFeSRa-GqeB2neqtZvoQ2YtDOeMVGYelDNf9fb6RXEzrLC_O_xBhTuP07cr9FnXkGkW4TuDmotw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69948763
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1B7A 3 KB
1 KB 12ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 10:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 10:14:41 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 1B7A 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 1B7A 204 KB
61 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 13:53:41 GMT

GET
DATA 200
OK truncated
/ Frame 1B7A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 77eafda8be8a02110291f5ebe32b40608de08dd4dcacc42eaa2ab007e0b43b0e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1B7A 0
19 B 47ms
46ms Image
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CTXk91FHTZYzvC9T7xtYP5KyFmAvJntKxXL3plfdwwI23ARABIABglZKggrAHggEXY2EtcHViLTc3OTM2NjM5MzczNjcxODjIAQmpAuwUsmdyFLI-qAMByAMCqgTEAU_QoOVuNQHEwAXOmUsUFdUuREe7jlNQSMic5lP1PoESJ6G5zDbljxOiNrmRY_aTJWs0-kstQ5JsQhgvFnI7hH4ezLNzrPCBBWNEdTQOgD-P7C8Bm_sZ1FMr4D5nTwLU2zG9ZP2SJzCj39LD7Oc9vazzjfenZB07n_LNe-hqhm8qBGDSfNsKGRJDN3FhYci8LgyZDF5xdR-msoXL-EoYeqgjcYmE3Gstjl6V1SFgeVRQUkF99cU8g4Y-hYx2_NhmUOkjK7-ABoTHyqusjrKKrwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICECEi9_cE6WLr07Nq7t4QDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTc3OTM2NjM5MzczNjcxODgYAA&sigh=l0OkDvi1tQg&uach_m=%5BUACH%5D&cid=CAQSTwAvHhf_xhqiGAET_qtz6RoH5g1tj0pLTrRR8_eB9D0-2lLksOksQUrLNXOpxsfcW7DhN_sDtLL1Fr9JHPo0mPNERovR8Hrcchj2dItVGdsYAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Feb 2024 13:04:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 1B7A 0
126 B 254ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kOzRGbr5RO0HfJ2DYgICAAAAdliawjpDG6MQ1FHTZU_AF9hVFWzhDQYAABIAAAoKQVFVREFRRUJBUQ&wp=ZdNR1AAC94wE0b3UAAFWZOAh4IQYObNxbnAegg&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 134191
server: Kestrel
content-length: 0

GET
H2 200 5d115d22c534f80a76417856e32eef9c.js Show response
www.gstatic.com/mysidia/ Frame 47A5 8 KB
4 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5d115d22c534f80a76417856e32eef9c.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&h=280&slotname=3487995663&adk=3238957472&adf=595924912&pi=t.ma~as.3487995663&w=1200&fwrn=4&fwrnh=100&lmt=1708347860&rafmt=1&format=1200x280&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347860096&bpp=1&bdt=457&idt=1&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6172146610771&frm=20&pv=1&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 07:21:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3749
x-xss-protection: 0
last-modified: Tue, 13 Feb 2024 01:25:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 May 2024 07:21:28 GMT

GET
H2 200 39b1936085524998ebfc7677a2ba517e.js Show response
www.gstatic.com/mysidia/ Frame 47A5 10 KB
4 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/39b1936085524998ebfc7677a2ba517e.js?tag=text/vanilla_highlight

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Tue, 13 Feb 2024 08:56:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 533281
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4466
x-xss-protection: 0
last-modified: Fri, 09 Feb 2024 05:57:34 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Mon, 13 May 2024 08:56:20 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 47A5 14 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:81c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 19 Feb 2024 13:04:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 19 Feb 2024 13:03:24 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 19 Feb 2024 13:04:21 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 47A5 2 KB
822 B 9ms
9ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/ Frame 47A5 23 KB
9 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 10:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8991
x-xss-protection: 0
server: cafe
etag: 11525033739721728465
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 10:14:41 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 47A5 3 KB
1 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 10:14:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10180
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Mar 2024 10:14:41 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/ Frame 47A5 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240215/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Sun, 18 Feb 2024 16:59:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 72300
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8220
x-xss-protection: 0
server: cafe
etag: 16176141338659805634
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Mar 2024 16:59:21 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 47A5 204 KB
61 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:53:41 GMT
content-encoding: br
x-content-type-options: nosniff
age: 640
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62824
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 19 Feb 2024 13:53:41 GMT

GET
H2 200 c0f9635aabdd33ab086e3930fa461563.js Show response
www.gstatic.com/mysidia/ Frame 47A5 36 KB
15 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/c0f9635aabdd33ab086e3930fa461563.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 07:18:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 20780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15250
x-xss-protection: 0
last-modified: Fri, 16 Feb 2024 00:22:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 19 May 2024 07:18:01 GMT

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A08F 143 B
166 B 8ms
7ms Document
text/html 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7793663937367188&output=html&h=280&slotname=3487995663&adk=3238957472&adf=595924912&pi=t.ma~as.3487995663&w=1200&fwrn=4&fwrnh=100&lmt=1708347860&rafmt=1&format=1200x280&url=https%3A%2F%2Fsoyztreid.website%2Fvtags6.html&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1708347860096&bpp=1&bdt=457&idt=1&shv=r20240215&mjsv=m202402080301&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=6172146610771&frm=20&pv=1&ga_vid=1249384033.1708347860&ga_sid=1708347860&ga_hid=1240176814&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=147&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31081141%2C95322434%2C95324580%2C95325068%2C31081079%2C95323760%2C95320868%2C95321866%2C95324155%2C95324161%2C95325080&oid=2&pvsid=3003548383317364&tmod=231019134&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=3
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2009
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=3600
content-encoding: gzip
content-length: 145
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 12:30:52 GMT
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 47A5 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fd838e84fcd59695a5145e5be13bf4dd5a2376c776ac667ef25345c906e5e793

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v58/ Frame 47A5 33 KB
34 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v58/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Wed, 14 Feb 2024 04:54:54 GMT
x-content-type-options: nosniff
age: 461367
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 34108
x-xss-protection: 0
last-modified: Tue, 23 May 2023 16:35:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 13 Feb 2025 04:54:54 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame A08F
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
17 B

18ms
18ms

Document
text/html

2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:21 GMT
expires: Mon, 19 Feb 2024 13:04:21 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:21 GMT
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5D06 2 KB
1 KB 45ms
19ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZdNR1AAC94wE0b3UAAFWZOAh4IQYObNxbnAegg&u=%7CzbEcaLPsfFDVR6LHHlBB4npx%2Bko43NalYNMJPwCu3pE%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z1MiR3q3hC869Pw3g1l6XVz7uQqB7wKn_iMuAsExwkSnmr4kniL9tzuXaGBQh3htBGO24utRXu3yOAxQ5vB0WGs5KWX1fwlwc6jXODO2ZYavRecV44IGXjZHxo5r-icqPFqs1fRutlPYkilvYF9lm8Atj0f3fQmRplDaRoMto-bjOCSWiY--r2vXd_-nrhOHUXUvyyOXZH_cLSk-c29M9CEogzGqxIcl-H2TMHjcGGP2GQqA7v4Vp3EXZREnQuO_Izi7ZWKcJaszYeqVzqNjKZi7ccIaxkUiGhge1yCArokps_4uidwlh4usUeAW3M-eNuh4-m4mhMtfILQZR_FtYiJsiB468QHHXdtiH_3nBxp2rEkmYpwFI4o8RV9YUT0-1-9rtKYdKZvAJWBaLXPpnFhuqsfihpKrPvAgwgaw5pY-6QcFH7qEzShKQeaD8Z_GwnSZiGJ2e7ay0saxNgjOry9VK1SHseHLUVRAxBPlCWpuDHGsGtunV8hdDrVidAGukbxQCINP_LCETvWHgYoYpSG8c8iy5vCCWz3u9l9P6TmFrRrvc84-3fE0O9AB6-jw7hkAAl200mm_PXkrZIIg3Jaz7Mkr8QqhwPjdTYHzL0uUQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHnhB1FHTZYzvC9T7xtYP5KyFmAvJntKxXL3plfdwwI23ARABIABglZKggrAHggEXY2EtcHViLTc3OTM2NjM5MzczNjcxODjIAQmpAuwUsmdyFLI-qAMByAMCqgTHAU_QoOVuNQHEwAXOmUsUFdUuREe7jlNQSMic5lP1PoESJ6G5zDbljxOiNrmRY_aTJWs0-kstQ5JsQhgvFnI7hH4ezLNzrPCBBWNEdTQOgD-P7C8Bm_sZ1FMr4D5nTwLU2zG9ZP2SJzCj39LD7Oc9vazzjfenZB07n_LNe-hqhm8qBGDSfNsKGRJDN3FhYci8LgyZDF5xdR-msoXL-EoYOKoC4wkXDFaLXnlPWQGJ3Vp3WPd3292-N04DI37J4vR-yCO3C1bePOWABoTHyqusjrKKrwGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggkCIDhgBAQATICqgI6CYBAgICEgICECEi9_cE6WLr07Nq7t4QD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0yc_fJN8KUhqidBo_qkbGPWLeEQA%26client%3Dca-pub-7793663937367188%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Feb 2025 13:04:21 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5D06 2 KB
1 KB 42ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Feb 2025 13:04:21 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5D06 308 B
637 B 40ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 13 Feb 2025 13:04:21 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5D06 293 B
621 B 45ms
20ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 13 Feb 2025 13:04:21 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5D06 43 B
348 B 50ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=8ODDa5bv5Y_COa4rINbWoCScE-mlY5ASnHVb7-WcguseFijvoO8okw_5XMyn_50azHmIpds76eim4sxG1Ozj1EwqIc0dwSzXBuvsB49CotvBc6jU1vePaMqtdyB4Js6-wOTwoJKuaAnGDXUmQsXeio5w0NUVSbLSnA2-SoBjD7mK6XJkdmuJN_M1221YCbNPUE9y6AYRU_QHpg0y9fvaqRw8CK32sPDkTaMSGxPMGt94A2touwA9GWknAkAkZrj56l0LONuUDdQRSB8vz_yYbAbu94uU8qX6a2zqfQc6gwU6cWeGjpRPLP0hMSBZ9oowpgf4UnGF1X-FVfpw5aG0c6yAgOkSDo_q5DVKU43LcjgIgo0RMFM8WncGeAJCNbNTU5HECSAzE7dxwZa3rsW_jzZxmayF2nA_bsrKjkr-1xvpWAOeTtAxBAYBsWsgVMHR7VVIyA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1683018
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5D06 12 KB
6 KB 25ms
18ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Feb 2025 13:04:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 2 KB
3 KB 382ms
122ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1852%2F5267407%2F9d1f7fe3f2b4490eae62bdb7c70d3857_mydays_logo_800x1200px.jpg&v=3&w=196&rid=4&s=ELiC7ArAbOc0HrkUCMgXQSA3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6097dce154d833d3d0ff53dae6d0cee6012164e26602901920089fdd9fe93ff3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2412
expires: Sat, 25 Jan 2025 11:57:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 63 KB
63 KB 307ms
47ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1852%2F5267407%2F140d286656a3466e81da8ecab0f70419_3_bubble_hotel_1200x628px.jpg&v=3&w=1200&rid=4&s=oN3-eILWWqE8kI66PpX4rxW4

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

25b47186a3d8d000d926efcd15043fccf642b766f02cd76240f59235654384a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 64240
expires: Sat, 25 Jan 2025 11:57:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 22 KB
22 KB 290ms
30ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1Cy40beYqYlwM02JjhAzTkEi4u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_P67osF3eUHRO2t4HuHSqgDtZcQLcJ_01PGeMxfg.jpg&v=3&w=400&rid=4&s=FlTqes4g1nEx8N0U1_EUWX7D&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

506addea39611c7a5b70eea34a514c558c1ea213e554edecf5a06860f6abf8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 22720
expires: Sun, 19 Jan 2025 08:53:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 25 KB
26 KB 315ms
55ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsIwEAXQu_x1myBYC3MVIy4m08YiJkymBAy5u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_Py7rcru4oOyZsbwPdO1RAHay5gJYJ_01PGeMxfg.jpg&v=3&w=400&rid=4&s=leEnBUA4XGN4oVAUX24Fs1jq&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0eec9fc4a9cb8e88d95b67997def42ae98f458d41e781bbe2614e423572ff246

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 26060
expires: Sat, 25 Jan 2025 11:57:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 32 KB
33 KB 299ms
39ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsMgEAXQu_x1opQQAnOVWroYJzWhVBknCBXv3r7F66jKICSzUin44Ftr7syc5DNXTk2Or6iLEnzRHC-2eReJwdfnbVuXxZ3lhQn720D3DhVQB2suoHXCf9NLxniMHw.jpg&v=3&w=400&rid=4&s=P-eHjJJk_FaJpJV-wXSt3lNs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e207969081740fa9a94d729b20abbaa2e74881361d2797922cf905a05257f877

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 33252
expires: Fri, 24 Jan 2025 13:36:46 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 14 KB
14 KB 285ms
25ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1C7Gmm7mKGBfDtLQxQoZpSCTcXd_idVRlEJJZqRR88K01d2ZO8pkrpybHV9RFCb5ojhfbvInE4OtruS3r3Z1lx4TtbaBHhwqogzUX0Drhv-klYzzHDw.jpg&v=3&w=400&rid=4&s=qrkNyQcS6y6GAZtQe18zyca8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1b2a05492091da4ecb6326ee3ed45974da66f58918ecd8890dde7be6aa4d551a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 14386
expires: Sat, 25 Jan 2025 11:57:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 27 KB
27 KB 59ms
57ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1C7FNN3MVMS6GqbQxQoZpSCTcXd_idVRlEJJZqRR88K01d2ZO8pkrpybHV9RFCb5ojhfbvIvE4OvztqzL6s7ywoT9baB7hwqogzUX0Dbhv-klYzzGDw.jpg&v=3&w=400&rid=4&s=hLbuRsQ7d44czvseeb32yoUr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5c5082a05508d8b6e938aecdad8558eae6f82b648771b50e3aa469f12fe13175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 27148
expires: Thu, 06 Feb 2025 11:02:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 10 KB
10 KB 49ms
47ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1C7qwmrmKGBfDVGyMkGEaEgl3t2_xOqoyCMmsVAo--Naa2zIn-c6VU5P3T9RFCb5ojjvbvIrE4OvzvFxvJ7eVFyasHwPdO1RAHay5gC4Tjk13GeMx_g.jpg&v=3&w=400&rid=4&s=-vGOBCEWOnAbveeNRufpkXb1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4826e5f18a319a30ecee3807096d9e666815a752a64dd1ca8d887755727030ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 9922
expires: Sat, 25 Jan 2025 11:57:11 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 10 KB
10 KB 49ms
48ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcQxDgIhEAXQu_x6F7SwmdJIYWFjK8YCZsWNETLMhkTC3fUVr6NKACGplkreettaM2sOiT9zDanx68tiIntbJMct6LwwR2_r43Jy7ni-ut3erOWJCctbQbcOYVBHkFxAhwn_VTYe4z5-.jpg&v=3&w=400&rid=4&s=90Q7peFM9Wgc7yhmYpAK7sYA&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

ff13ec95b81e757c7448ba3e228bd8cc9dd09f2c5f6703127f610e0b3a54fe71

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10274
expires: Sun, 19 Jan 2025 08:52:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 10 KB
10 KB 57ms
56ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsMgEAXQu_x1oos2BOYqtXQxTmpCqDJOECrevX2L11GVQUhmpVLwwbfW3JE5yWeunJrsX1EXJfiiOV5s8yYSg6-vZb3dV3eUNyZsp4EeHSqgDtZcQMuE_6aXjPEcPw.jpg&v=3&w=400&rid=4&s=9OkmqQd1cPwPyUOqozFMjAv0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

38d37e10122d8b238b03f0905a3d84a23c3969aa599b84fab5c79ffdb9a03627

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10410
expires: Sat, 25 Jan 2025 11:57:15 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 12 KB
12 KB 50ms
49ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1Cy60aeYqYlwM02JjhAzTkEi4u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_P67IuF3eUHRO2t4HuHSqgDtZcQLcJ_01PGeMxfg.jpg&v=3&w=400&rid=4&s=UySRO3v4G_HENl4A4Ggi_oH2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

81927f136a499df72adde8a4e7047b285156814704b7b4c832102ab33d33a719

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11784
expires: Sat, 25 Jan 2025 11:57:16 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 21 KB
21 KB 44ms
43ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsMgEAXQu_x1ohCaReYqtXQxTmpCqTJOECrevX2L11GVQUhmpVLwwbfW3Jk5yWeunJocX1EXJfiiOV5s8y4Sg6_P27asizvLCxP2t4HuHSqgDtZcQOuE_6aXjPEYPw.jpg&v=3&w=400&rid=4&s=QQCA54NRNrYiFhLq-Lwfm5oZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e637bdce15b219ea19bc4270928677332f125fb652e2d0b47e6c9bdcb81aeee3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21070
expires: Sun, 02 Feb 2025 10:06:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 34 KB
34 KB 51ms
50ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcSxDsIgEAbgd_nnFurgcrOJk7ODGIfjKjZGyHENiYR312_4OqoyCMmsVAo--Naa2zIn-cyVU5PXV9RFCb5ojjvbvIrE4OvjcrqeD8vitvLEhPVtoFuHCqiDNRfQccJ_013GuI8f.jpg&v=3&w=400&rid=4&s=hYX38OnUbyFTpXGE6ySV6ccN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e0aa5d474f5db0011770427c14223f61571c2cfdcd1fc615e97a73a14d0f9a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 34620
expires: Sun, 19 Jan 2025 08:52:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 16 KB
16 KB 54ms
53ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsMgEAXQu_x1onQRSuYqtXQxTmpCqTJOECLevX2L11GVQUhmpVLwwbfW3JE5yXeunJrsl6iLEnzRHE-2eROJwdfX_bYu7ihvTNg-Bnp0qIA6WHMBLRP-m54yxnP8AA.jpg&v=3&w=400&rid=4&s=Dj3rfcu3g_gJNh8j5EYvuu0X&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2eb31b43c6193f952b759bd4035fac74c5444bcf1a39758aa254014185204946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16630
expires: Sat, 25 Jan 2025 11:57:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 16 KB
16 KB 53ms
52ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcQxDgIhEAXQu_x6F7SwmdJIaa2JGAuYFTdGyDAbEgl311e8jioBhKRaKnnrbWvNrDkk_sw1pMavL4uJ7G2RHLeg88Icva2P88m54_XidnuzlicmLG8F3TqEQR1BcgEdJvxX2XiM-_gB.jpg&v=3&w=400&rid=4&s=I3rx47TQ9vBiS6uOX_6FkEn4&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c98c905e8fdc1bc41ca8567945d28341c471a90dbffe9e3329326142472c1a8d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16352
expires: Sat, 18 Jan 2025 12:22:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 31 KB
32 KB 55ms
54ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1CzHWRecqYlwM02JjhAzTkEi4u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_PZV0uV3eUHRO2t4HuHSqgDtZcQLcJ_01PGeMxfg.jpg&v=3&w=400&rid=4&s=nUrFEq7KgLW3xfkrB0L7-M3b&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

85286198c7948c9129d9e85bef4bae991b85a9db25b6b97fb8325c56fd2ad1b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 32248
expires: Sat, 25 Jan 2025 11:57:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 16 KB
17 KB 56ms
55ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsIwEAXQu_x1m4BWKHMVIy4m08YiJkymBAy5u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_P5XpZF3eUHRO2t4HuHSqgDtZcQLcJ_01PGeMxfg.jpg&v=3&w=400&rid=4&s=pb52gNf4AUwmA-0oXBMZHqrB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c406431bd4a5f721f1748d202a826738de7f2ec07baec1aa6006703b7749acf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16756
expires: Sat, 25 Jan 2025 11:57:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 16 KB
16 KB 62ms
61ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcQxCgIxEAXQu_x6N7ERYUoxpY2VYMQimTUuYsJkloAhd9dXvI4qAYSkWip5621rzaw5JP7MNaTGry-LiextkRy3oPPCHL2tj_PJueP14nYHs5YnJixvBd06hEEdQXIB7Sf8V9l4jPv4AQ.jpg&v=3&w=400&rid=4&s=hBWMIseDZ68DSBtXHGK-zyYS&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5ae67bb6f0700ec35ed6530238b029bc4c9663592fb3884f7bdee6383a6f1b23

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16632
expires: Sat, 25 Jan 2025 12:10:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 11 KB
11 KB 59ms
59ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsIwEAXQu_x1m2ClIHMVIy4m08YiJkymBAy5u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_P62VZbu4oOyZsbwPdO1RAHay5gNYJ_01PGeMxfg.jpg&v=3&w=400&rid=4&s=OjVedD61cDw4IK7PdBxZNNrl&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c0f81fb4fa3484dd7fcb202158831870910501de12c7742afc96426f027c20be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11346
expires: Sun, 26 Jan 2025 10:15:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 28 KB
29 KB 61ms
61ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBCsMgEAXQu_x1ogTSReYqtXQxTmJDqTJOECrevX2L11GVQUhmpVLwwbfW3Jk5yWeunJq8vqIuSvBFc7zY5l0kBl-f67otizvLgQn720D3DhVQB2suoNuE_6aXjPEYPw.jpg&v=3&w=400&rid=4&s=Q73y-bkDdv2A0RH_miYWPp_w&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a784783c22d8201ad337bce0eb3e825495e3a72da6c854d085e6cff8a45b4ef6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 28964
expires: Sat, 25 Jan 2025 12:21:41 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 11 KB
11 KB 61ms
60ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcSxDsIgEAbgd_nnFly63Kaxo84mxTjAVWyMkOMaEgnvrt_wNRTxIETVXMhZZ2utZks-8mcsPlZ-fVlMYGezpLB7HVfm4Gx5XM7zfLodr4fJbPmJAetbQUuDMKjBS8qgacB_lZ17v_cf.jpg&v=3&w=400&rid=4&s=khYHldQbx2F26H9KgP358Ewo&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

360b20bf3abdcd15c83adbe8904ebead5bcaad00118afa09aad47cf8c74212ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10860
expires: Sun, 26 Jan 2025 10:13:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 11 KB
11 KB 60ms
59ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcSxDsIgEAbgd_nnFnRwudHYOLmbinGAq9gYIcc1JBLeXb_hayjiQYiquZCzztZazZp85M9YfKz8-rKYwM5mSWHzOi7MwdnyuJym6Xidz7u9WfMTA5a3gm4NwqAGLymDDgP-q2zc-73_AA.jpg&v=3&w=400&rid=4&s=ixUiEtDolx64o0UeMUQZC9Br&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cb6a9c74cc0863fc12a460ab51dbcd085cd04430e314be727213fb7bd123d22e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 11272
expires: Fri, 24 Jan 2025 12:46:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5D06 43 KB
43 KB 63ms
63ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=1852&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F1131923%2Fdata%2FDcRBDsIgEAXQu_x1CwtrauYqYlwM02JjhAzTkEi4u77F66jKICSzUin44Ftr7sic5DNXTk1eX1EXJfiiOZ5s8yYSg6_PZbmsN3eUHRO2t4HuHSqgDtZcQNcJ_01PGeMxfg.jpg&v=3&w=400&rid=4&s=uU9kbPe-K0vTSvhTfLUBwQcJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eee48d867e7166a0ac96388d6717110625694dfc27a77afd9b5b450fb075837d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:20 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 44044
expires: Sat, 25 Jan 2025 11:57:10 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D06 0
128 B 271ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=PKmKozz_O-7Me21VyVOUkVGN7wlWEJWj70ZKZCr8dyirDvTFSpmvXVOPMMgaOW_kPgRyjfXXxRL2WpnI1xXSnOft0bOJEGauvEAJSo_gn0RXU6AfYwX7kGBWMHzYtL_D36X8L2atC_4oy1HjXQgRQ2vVsuIJ71OFhd0MYni85GW-S5laat8_I4-ycdbaFeSRa-GqeB2neqtZvoQ2YtDOeMVGYelDNf9fb6RXEzrLC_O_xBhTuP07cr9FnXkGkW4TuDmotw&sds=2&rev=90666&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5D06 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Feb 2025 13:04:21 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5D06 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 13 Feb 2025 13:04:21 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 47A5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=C-Zbb1FHTZa3ACqOS3rsP44SXsAzTndbobIHp0ZHOEsCNtwEQASDCuOAsYJWSoIKwB6ABxdeHkijIAQGoAwHIA8sEqgTQAU_Q1vY0Wjc_jFLv6k2IjpBsVPVKLcnXR0Fk5REhiGwJsKM3qpb...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216617770276221934021%22,%22debug_reporting%22:true,%22destination%22:%22https://software.fish%22,%22event_report_window%22...

0
0

38ms
38ms

Fetch
text/css

142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2216617770276221934021%22,%22debug_reporting%22:true,%22destination%22:%22https://software.fish%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%2210775292869%22],%2222%22:[%22true%22],%224%22:[%2202-19%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%222211667043669723889%22}&andc=true

Requested by

Host: soyztreid.website
URL: https://soyztreid.website/vtags6.html

Protocol

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:21 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"16617770276221934021","debug_reporting":true,"destination":"https://software.fish","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10775292869"],"22":["true"],"4":["02-19"],"6":["true"]},"priority":"500","source_event_id":"2211667043669723889"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 19 Feb 2024 13:04:21 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 19 Feb 2024 13:04:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"16617770276221934021","debug_reporting":true,"destination":"https://software.fish","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["10775292869"],"22":["true"],"4":["02-19"],"6":["true"]},"priority":"500","source_event_id":"2211667043669723889"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js Show response
pagead2.googlesyndication.com/bg/ Frame 9DBF 51 KB
19 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/VWSJSM-ccN57m6m2QPs-NP7cxacmqKiEaeV8lk1iunM.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 07:18:04 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20777
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19939
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 07:18:04 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2340 42 B
64 B 55ms
40ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjst2BhG_4ytsphI4VVXM20S24WvvZajtEjGMDpMXUIEKekmoZmNbuqWp5A5EI_aRi0e77YfAQg989H09AMfpZVuqzYxoyLw87JrNo2Nc7lxSUtqWGMIWB0tVSt2LosAVolWKQQCThlGcRw76HnlEP5p-mHxWNNI97Tccjw&sai=AMfl-YTNDt3_JIYyLncmMm-DV3re7Y9OUPpDkK0Bp45yw8yZ4LEwJe5x6I3Zz88QIb84q6T_yaycwVSBidkKHbheqlNVb_6XGJUKVZrTZiSp597KsQtMxchcjXeHxsypshh66VZRcsfAozKNldfZtBG8tQ&sig=Cg0ArKJSzLAbXXmJ9GvWEAE&cid=CAQSTwAvHhf_pp1csjbsI-VcBtQPixxPrFZwA35bXcYZV0VY91OAtj0vdDxPcHeQTif6zXrHRIGhCggsXk9R-6G8O6Q-YuSCPEwFdu5QCiu1a5wYAQ&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=1407361067&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=428066000&rst=1708347860089&rpt=710&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 13:04:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 39ms
38ms Preflight
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 19 Feb 2024 13:04:21 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 53ms
53ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240215&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cefee368b179dc9f3bc0aeaee52db3bb1f535d7c4d6a4b8002d6cc935bf5b6a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:22 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12284
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 69ms
69ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 19 Feb 2024 13:04:22 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame CCDC 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://soyztreid.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 2140
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 12:28:42 GMT
expires: Tue, 18 Feb 2025 12:28:42 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8DE1 829 B
559 B 16ms
16ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7eb113b4d2d3f4a32a29569a2853fecce5fec0fd0933ce389c8b854faf319921

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Yox-98AEdhsji8Kx9oXNHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://soyztreid.website/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-Yox-98AEdhsji8Kx9oXNHw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 19 Feb 2024 13:04:22 GMT
expires: Mon, 19 Feb 2024 13:04:22 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js Show response
pagead2.googlesyndication.com/bg/ Frame CCDC 39 KB
15 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Ke811GU8D9oP10uMu54EDqWuI5DGCOjC6vNIGcZJ2dY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 12:09:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3322
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15261
x-xss-protection: 0
last-modified: Mon, 12 Feb 2024 13:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 18 Feb 2025 12:09:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8DE1 0
0 71ms
71ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240215&jk=3003548383317364&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame CCDC 0
10 B 13ms
12ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-AM1ig
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

date: Mon, 19 Feb 2024 13:04:22 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1B7A 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssta3JcmFVXfpTPxdQXpKnKcDYnmYP-EJLoioHhZUb3P_XnUaHnpen-bH2gG1WowUbnrPYrNVL2gd7nb3x4-JRY-iyWVzRoVvHKtD9YUVaaWL_rZH1gNuhP9kRwYJW3oUhRAp5WCw&sig=Cg0ArKJSzJcmdqJP0raMEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=93,776,1000,1127,1293&tos=93,683,224,127,166&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=428066100&rst=1708347861167&rpt=52&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 13:04:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 47A5 42 B
64 B 41ms
41ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuj38YwE4rW2E4c4gMDeFOj9iTh9YOBUedZ9WPoVfjQZwL2QEzE25EMfRan2NotS4ofjRCEF5fbnG7ww2gZT7eGMgE3Aeg-lPxlbAs6vbGF4iGc-pQaHYfpnmpNHdDLqxAF30eu750GEkqsqS2PB3EWdhzmaUBHgU-4sg&sai=AMfl-YShBU1RI72Bv1GeuAg1j8nuNfHptffB0dP0YYTs1jMehBQAJf-abUUA--3EMVSlAaRj1Kh6VBa2QrCsKIbBDuhgDQbLRyMoIScasAyk2Qhdc9GiXg8hzhUuOuME8W85hRwibNDOW7qS0XB3H6rm&sig=Cg0ArKJSzNnkwgX3htXpEAE&cid=CAQSTgAvHhf_z2_4pAjNHXSgaB7hhTeu7Rr5lR2XL2ewbB6jp21BaYKh7zty31qAdUdmhtHttc5LIuFG-JhklmJz5lSvK_gl06UpKd1em0w1rxgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240215&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3238957472&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=428066100&rst=1708347860100&rpt=1534&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Feb 2024 13:04:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5D06 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 19 Feb 2024 13:04:21 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 41ms
41ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240215&jk=3003548383317364&bg=!AgGlAU7NAAZN4L4YbeA7ADQBe5WfOL5GA67JfHMkHE857Zu9ZTxR-sZu5qplrcC8iMc10t3tLdv8Qjhb_Z4Kb7utCtxNAgAAADdSAAAAAWgBB5kC1T4kv-JO1HJy_WkAFu1fuG-R4-4G4H4B8j0LTfDt3FWLrz_FLM3X3NUABNrA0PAEe90cjobv4D2Wg75Pj1XGv8nL0CVF-1XcI6iGHNVPB5p7tKVxAApEM3yr1jRmWaXeLKt0ig0Z1-QMaWbB5oVfKDj7hiDe68A4KLV2i5y6z6X2wB1XlvKqtuqZ-qWA9BoQa3KEtBNQdMehVztBxSLiX5gy_mmyEImiFiUfXV2AA0dss1zfavc1dwkWeJMeRSD2mOJeYDNfLpFiv8FMDmqSZuQmVzAALan3CPMGQ-6GX3KMYRskwpasEC0b3XauiX3Sr98UX_7j2LfjYjke0MvppDchLxGo7jS2i7fWw65tF4qMiiEU90YXQ6L2Q7ViYlKuYUg00Z52B-Y2mJe0LMAHl-pjm-V8WiQPP_KSCAt9VyKyI8aC72PuMp24xA33adAq6t6wLQOSNz2o6PCcScXD8mUQmtEOUzeUpZCxmBMRNaeCnvIubHKoen_WdeJpKJ8iOzFkG1bpbm0ukt1EGl4uz3PEPfqL5i8YrW00WUT8fde2N6oDNLZ9gL4PEZFqWZSO_Cxq2o_9JBZENugENjEVqemA2IH-Lj1mCdU9fH2gQTE3WBX_lLQqlZMJjMYPPGUG8SpXlcsbU7K3I0f7U2moXb0buHef8eD-enEbFG1Zisd69nhVUBBJkLGv9Pjh49feZ97gd0nGSC3ubbtSoEvFH3VfMpcGhSj3dH1ky5ic1PI2Vcb9VTMNuGGh_9zO3_K8W9Wp8PZxem6V_-4b5pDIztmpFD8MGM7_lzY06DXi0Hba6MydkPcWgoHa5oMpsMyl59VVYnJKttWNEUCLavVzdzqeSF1kgxbXdmJ8221LE4mU-Ayqui43GLrFEieHl3nMbhS8dPk1oZP2qu7f7KXv8fQ_g5ta9Mw3dfMxUOmVFrXZPgrPBpn3Fwj9mT-fEzz2wbdKwVJM
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://soyztreid.website/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.184 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.soyztreid.website/	1970-01-21 03:54:03	Name: __gads Value: ID=92aad88c4ab77590:T=1708347860:RT=1708347860:S=ALNI_MZROBxtXhgMEyPR0o4j7yuxPZXPjQ
.soyztreid.website/	1970-01-21 03:54:03	Name: __gpi Value: UID=00000d5c7ad4dfbd:T=1708347860:RT=1708347860:S=ALNI_MYc23mjNYft1xvVfgwK9WE3MNEB-g
.soyztreid.website/	1970-01-20 22:51:39	Name: __eoi Value: ID=76c6858935d0e1b3:T=1708347860:RT=1708347860:S=AA-AfjZyzn68LKNyNEXhm8hdwRl-
.doubleclick.net/	1970-01-20 18:32:31	Name: DSID Value: NO_DATA
.doubleclick.net/	1970-01-21 03:54:03	Name: IDE Value: AHWqTUluggVibs1sRJSbgXWkigGl9ivlIT8sWz9eJ1scE-NoRIS6iuAXfWmVxvJNDeo
.googleadservices.com/	1970-01-20 20:42:03	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 18:32:28	Name: test_cookie Value: CheckForPermission

31 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://soyztreid.website/vtags6.html Message: Refused to execute script from 'https://softoroom.org/style_images/1/back.png' because its MIME type ('image/png') is not executable.
security	error	URL: https://soyztreid.website/vtags6.html Message: Refused to execute script from 'https://softoroom.org/style_images/1/back.png' because its MIME type ('image/png') is not executable.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20240215/r20110914/zrt_lookup_fy2021.html?fsb=1(Line 17) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://soyztreid.website/vtags6.html Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
ajax.googleapis.com
cat.nl3.eu.criteo.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
softoroom.org
soyztreid.website
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googleadservices.com
www.gstatic.com
142.250.185.194
178.250.1.6
2606:4700:3033::ac43:dcb4
2606:4700:3037::6815:540e
2a00:1450:4001:806::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:830::2003
2a00:1450:4001:830::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
04fa628bda6f9b1ab5f71827ce6c71e8c6ad495a3a5a0ed8858c6f5b2f0513ff
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0bd3e64a75f43409aa3141f35c5d1bd599773aec49d61aaa02522dbe6101c247
0e766c1471a8b202a3ac255424bf20bb681609c66c1172453092f5c5b423d729
0eec9fc4a9cb8e88d95b67997def42ae98f458d41e781bbe2614e423572ff246
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b2a05492091da4ecb6326ee3ed45974da66f58918ecd8890dde7be6aa4d551a
1cc0b7a0005342aa4ee56663a92c7e40b74499d5f9a6c07f4138a2a447425428
245cec0922828c15b3709eb696bb5a565f2f911f71e242024570698701c9540c
25b47186a3d8d000d926efcd15043fccf642b766f02cd76240f59235654384a7
29ef35d4653c0fda0fd74b8cbb9e040ea5ae2390c608e8c2eaf34819c649d9d6
2eb31b43c6193f952b759bd4035fac74c5444bcf1a39758aa254014185204946
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
360b20bf3abdcd15c83adbe8904ebead5bcaad00118afa09aad47cf8c74212ad
38d37e10122d8b238b03f0905a3d84a23c3969aa599b84fab5c79ffdb9a03627
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
473f98fc0967c2c122456fc402d7db00d57d3fe3b46a12d075d10eb26a55dd5b
4826e5f18a319a30ecee3807096d9e666815a752a64dd1ca8d887755727030ea
4d196aab20ec653c7f7dfc1e03cc9e2e3dd7f36ab63d756f7c436c93b26c1007
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
506addea39611c7a5b70eea34a514c558c1ea213e554edecf5a06860f6abf8d0
55648948cf9c70de7b9ba9b640fb3e34fedcc5a726a8a88469e57c964d62ba73
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
58af69039699b6b3b701fbd41e3fae349285ac802ab66d0bbc2decf17000d55b
593b0639e29ef47cabf7abb5dab169803329f5a6a0632edb3c317c361d9f9dd2
5ae67bb6f0700ec35ed6530238b029bc4c9663592fb3884f7bdee6383a6f1b23
5c5082a05508d8b6e938aecdad8558eae6f82b648771b50e3aa469f12fe13175
6097dce154d833d3d0ff53dae6d0cee6012164e26602901920089fdd9fe93ff3
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
648b6ff7e0f4857edd88a6a6d572d2e4da342c636202853b8e9e334f12ed430b
65c99d3b9f1a1b905046e30d00a97f2d4d605e565c32917e7a89a35926e04b98
702b9e051e82b32038ffdb33a4f7eb5f7b38f4cf6f514e4182d8898f4eb0b7fb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
77eafda8be8a02110291f5ebe32b40608de08dd4dcacc42eaa2ab007e0b43b0e
7eb113b4d2d3f4a32a29569a2853fecce5fec0fd0933ce389c8b854faf319921
81927f136a499df72adde8a4e7047b285156814704b7b4c832102ab33d33a719
841f365e0540df77f892242a962098480625d80f10e380bfb93329a027978632
85286198c7948c9129d9e85bef4bae991b85a9db25b6b97fb8325c56fd2ad1b0
8d7fe6bebe6484790a986f2bda5eac0697ca0e59b6c427e4a4cb7d8bf79e8919
8e71745ae04d67ff0a9fc05fee0446124bd5655998cb36c96a016b80b66e75d3
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a784783c22d8201ad337bce0eb3e825495e3a72da6c854d085e6cff8a45b4ef6
a8af0d7742cc52631e0a3bcba2b4dc3d85516733dbe365c95e80897069d458cf
b1a9b4d4a874d9284ffcbc5f13a10e05dbfc8697abedafdaa52f0b86d6e345b9
c0f81fb4fa3484dd7fcb202158831870910501de12c7742afc96426f027c20be
c406431bd4a5f721f1748d202a826738de7f2ec07baec1aa6006703b7749acf4
c98c905e8fdc1bc41ca8567945d28341c471a90dbffe9e3329326142472c1a8d
cb6a9c74cc0863fc12a460ab51dbcd085cd04430e314be727213fb7bd123d22e
cefee368b179dc9f3bc0aeaee52db3bb1f535d7c4d6a4b8002d6cc935bf5b6a8
e0aa5d474f5db0011770427c14223f61571c2cfdcd1fc615e97a73a14d0f9a83
e207969081740fa9a94d729b20abbaa2e74881361d2797922cf905a05257f877
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e637bdce15b219ea19bc4270928677332f125fb652e2d0b47e6c9bdcb81aeee3
e9f76c9b950564faa674d0c8b7ba79b26602f52e909352de531cf07fea0a1233
ed0c1c517909bbd09a44c30d9b2662778e45c29b5a0c09fad1825e002e9c7470
eee48d867e7166a0ac96388d6717110625694dfc27a77afd9b5b450fb075837d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a7e5f8ef07a8c14a667788ed888d332652903d864775b85d27a1de8a7f2f3c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fd838e84fcd59695a5145e5be13bf4dd5a2376c776ac667ef25345c906e5e793
ff13ec95b81e757c7448ba3e228bd8cc9dd09f2c5f6703127f610e0b3a54fe71

soyztreid.website Open in urlscan Pro 2606:4700:3037::6815:540e Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

96 %HTTPS

88 %IPv6

10 Domains

17 Subdomains

18 IPs

3 Countries

1399 kBTransfer

2962 kBSize

7 Cookies

0 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

soyztreid.website Open in urlscan Pro
2606:4700:3037::6815:540e Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

96 %
HTTPS

88 %
IPv6

10
Domains

17
Subdomains

18
IPs

3
Countries

1399 kB
Transfer

2962 kB
Size

7
Cookies

90 HTTP transactions
3 data transactions