roundyearfun.org Open in urlscan Pro
67.205.46.59 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://roundyearfun.org/
Effective URL:
https://roundyearfun.org/
Submission: On June 01 via manual (June 1st 2022, 2:04:09 pm UTC) from AU — Scanned from DE

Summary HTTP 77 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 20 IPs in 3 countries across 14 domains to perform 77 HTTP transactions. The main IP is 67.205.46.59, located in United States and belongs to DREAMHOST-AS, US. The main domain is roundyearfun.org.
TLS certificate: Issued by R3 on May 16th 2022. Valid for: 3 months.

This is the only time roundyearfun.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 20	67.205.46.59 67.205.46.59	26347 (DREAMHOST-AS) (DREAMHOST-AS)
10	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:800::2004	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2600:9000:206... 2600:9000:206f:9e00:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
77	20

20 67.205.46.59 (United States) 1 redirects

ASN26347 (DREAMHOST-AS, US)
PTR: ps635275.dreamhostps.com

roundyearfun.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:9e00:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 136	305 KB
20	roundyearfun.org 1 redirects roundyearfun.org	170 KB
13	criteo.net static.criteo.net — Cisco Umbrella Rank: 578 pix.eu.criteo.net — Cisco Umbrella Rank: 7369 csm.eu.criteo.net — Cisco Umbrella Rank: 7618	22 KB
5	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40	63 KB
3	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11353 ads.eu.criteo.com — Cisco Umbrella Rank: 7606 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 9295	50 KB
3	gstatic.com www.gstatic.com	14 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 70 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 163	84 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42	2 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 8526	914 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
1	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1303	689 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 768	647 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 206	4 KB
77	14

	Domain	Requested by
20	roundyearfun.org	1 redirects roundyearfun.org
10	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
10	pagead2.googlesyndication.com	roundyearfun.org pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
5	googleads.g.doubleclick.net	pagead2.googlesyndication.com roundyearfun.org
4	pix.eu.criteo.net	ads.eu.criteo.com
3	www.gstatic.com	googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.googletagservices.com	googleads.g.doubleclick.net
2	fonts.googleapis.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	www.google-analytics.com	roundyearfun.org www.google-analytics.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	secure-gl.imrworldwide.com	ads.eu.criteo.com
1	www.google.com	tpc.googlesyndication.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	roundyearfun.org
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	cdnjs.cloudflare.com	roundyearfun.org
77	20

This site contains links to these domains. Also see Links.

Domain
twitter.com

Subject Issuer	Validity	Valid
www.roundyearfun.org R3	`2022-05-16` - `2022-08-14`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-05-04` - `2022-07-27`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-22` - `2022-08-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-27` - `2022-08-25`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-05-18` - `2022-08-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh

This page contains 10 frames:

Primary Page: https://roundyearfun.org/
Frame ID: 50B74ED0F19BD62E03624AA0CD16E828
Requests: 35 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/zrt_lookup.html
Frame ID: 5FC15956EDE3BAF16ADE97D506D3C4D5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3841738411630014&output=html&adk=1812271804&adf=3025194257&lmt=1654092244&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Froundyearfun.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654092244333&bpp=2&bdt=776&idt=227&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=364130503877&frm=20&pv=2&ga_vid=1046505561.1654092244&ga_sid=1654092245&ga_hid=2140714193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531557%2C44760474&oid=2&pvsid=1636342062464758&pem=929&tmod=2089313859&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243
Frame ID: FA882ED15C1527FEFF39F528F6D57FDA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8C5A86D761F43DE06929D045D357AF4C
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1
Frame ID: 5DA04FA9B0FC93CC4DE86EC4D5BE642B
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ypdx1AAJUlYIFU7jAA7nwnszffwrn73K8jo5NA&u=%7CAojpQ5mlyvDCtT3eri02gnLiTqbdpzVNW%2FRsaAvU5XU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUI7dkDPXdWoIlVKbmrEXIbKA6pxvN9y4y7eCjS5ZxpjfKOW8K9iRTB4UBKEqMn_lPgd6vBi65yjZqinu_JmrlwV84RQC-Nq74OUjX0mPtPk8hFWS-_pa1p17ME8xa5OEnEgMNCQF07vB2PSen7voC8Ee6iS-bL_jRj_ll3w0cp3d_iAynrzH-SoYDfqMMH9m7jwnYhKBzdjVgtp96jHNZRgZUgspnr4rVxhtWbpBQmukAyrRoNA1sNW8Ci7Bkl6eR80eLBwdQHgZ3nilPqzqv5zF99bdsN_LZpdYJTLthTj4uR-nvOPuf_BWWkKJxv2z6OK6W9YdeWyROSOQK3fIdwBnvbnWPZZ_OX0_xRNvZLw42Muwx3vKZOO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9W3e1HGXYtakJeOd1fAPws-7mAjJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NDE3Mzg0MTE2MzAwMTSgAdW20uoDyAEJqQJHwCnnJfuxPqgDAaoExgFP0C3ubX2YTuFU2uUP1bylMBIE9zWFdTWeN8Wc6e8acdMrSmCVUM89uqL93G_wiIFaPbNvfgFRZL7O404KG1Vhq3q9ByKRu7rweYXXD3GD3xh6gpxLe4BJmQa83QCA6V3EdUFCgF91mC5YgZVuxSn248bMN4-1siiLrcyWwss3Klfew0NXymDbbcf-7XSdQVpLTtbL9aNOx-Jrsb1Qt-nB840D7jOJpLt9fBD0Tq85v_H5ZNx90fvZz2WHJw0wXcMrgXXM8VyABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_15iS9Drkqk3-hkcaRqo601uIW57Q%26client%3Dca-pub-3841738411630014%26adurl%3D
Frame ID: 75A81F216CD7C2417B1E0F57FAD6141B
Requests: 16 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 2AC080A2CD94F678EBCDA213A9DCB2D1
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 40FC4330F3CAA8DA27CC39383C18E16A
Requests: 2 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: D98ED62425FE1A1754B6CA52F5219D82
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js
Frame ID: F6FF88B8FC4634460A5B1CE98454AF9C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Round Year Fun | Lustige Twitter-Spiele

Page URL History Show full URLs

http://roundyearfun.org/ HTTP 301
https://roundyearfun.org/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

77
Requests

100 %
HTTPS

74 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

736 kB
Transfer

1938 kB
Size

6
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://twitter.com/
Title: Twitter

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://roundyearfun.org/ HTTP 301
https://roundyearfun.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
roundyearfun.org/
Redirect Chain

http://roundyearfun.org/
https://roundyearfun.org/

29 KB
5 KB

690ms
506ms

Document
text/html

67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 32ef1d85fe9d38b91313f8115cf57c969c9b833c7b815625a3eae0939c4a6f92

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-language: de
content-type: text/html;charset=UTF-8
date: Wed, 01 Jun 2022 14:04:03 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: Apache
vary: Accept-Encoding,User-Agent

Redirect headers

Connection: Keep-Alive
Content-Length: 233
Content-Type: text/html; charset=iso-8859-1
Date: Wed, 01 Jun 2022 14:04:02 GMT
Keep-Alive: timeout=2, max=100
Location: https://roundyearfun.org/
Server: Apache

GET
H2 200 bootstrap2.min.css
roundyearfun.org/css/ 75 KB
13 KB 183ms
182ms Stylesheet
text/css 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roundyearfun.org/css/bootstrap2.min.css
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 9b4e2679e63e8dfdcc29a41a03c395e4eb17cb8589b7123f08178aaf611296ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:03 GMT
content-encoding: gzip
last-modified: Mon, 25 May 2020 10:42:12 GMT
server: Apache
etag: "12c6d-5a676a1a74900-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 14:04:03 GMT

GET
H2 200 landing-page.min.css
roundyearfun.org/css/ 2 KB
836 B 92ms
91ms Stylesheet
text/css 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roundyearfun.org/css/landing-page.min.css
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 09b3c5236d6e491e161cf5693eeac07349e94f19ae862c53e76e860224e92370

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:03 GMT
content-encoding: gzip
last-modified: Sun, 22 Dec 2019 21:05:36 GMT
server: Apache
etag: "88a-59a5145b3e800-gzip"
vary: Accept-Encoding,User-Agent
content-type: text/css
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 715
expires: Fri, 01 Jul 2022 14:04:03 GMT

GET
H2 200 fontawesome-webfont.woff
roundyearfun.org/font-awesome/fonts/ 64 KB
64 KB 91ms
91ms Font
font/woff 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roundyearfun.org/font-awesome/fonts/fontawesome-webfont.woff?v=4.2.0
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1

Request headers

Referer: https://roundyearfun.org/
Origin: https://roundyearfun.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:03 GMT
last-modified: Wed, 08 Mar 2017 10:13:28 GMT
server: Apache
etag: "ffac-54a356132e200"
vary: User-Agent
content-type: font/woff
cache-control: max-age=172800
accept-ranges: bytes
content-length: 65452
expires: Fri, 03 Jun 2022 14:04:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 160 KB
55 KB 199ms
107ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: roundyearfun.org
URL: https://roundyearfun.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

575e569efd0b16fd6778fde4402f71740840e2b3c4203155dd4a911b6a456593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 56161
x-xss-protection: 0
server: cafe
etag: 11097105973849413476
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 14:04:04 GMT

GET
H2 200 twitter-worth-icon.png
roundyearfun.org/icons/ 559 B
707 B 91ms
91ms Image
image/png 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/icons/twitter-worth-icon.png
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 178cc64262dd11b8e680201f5decb86d233a9a7ee63ea9ca1b1a4d9f67b54203

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Tue, 28 Jan 2020 13:49:36 GMT
server: Apache
etag: "22f-59d337e92dc00"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 559
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 pin-any-tweet-icon.png
roundyearfun.org/icons/ 510 B
583 B 92ms
90ms Image
image/png 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/icons/pin-any-tweet-icon.png
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 5e4682a1ccb3dffc4b160179518850b5d2d39b5f97c47fd912db7e8644d1eb37

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Sat, 22 Feb 2020 14:31:44 GMT
server: Apache
etag: "1fe-59f2aff497400"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 510
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 top-tweets-icon.png
roundyearfun.org/icons/ 541 B
592 B 92ms
90ms Image
image/png 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/icons/top-tweets-icon.png
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 626e7b951cb98a57217a613f0cf3dab2cea260200b8b19b19f87d25c25a68a21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Tue, 28 Jan 2020 13:49:34 GMT
server: Apache
etag: "21d-59d337e745780"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 541
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 emoji-mood-board-icon.png
roundyearfun.org/icons/ 620 B
693 B 92ms
90ms Image
image/png 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/icons/emoji-mood-board-icon.png
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 054e92bd37d0bf4216d263c485e807ccfc57c3393d880d7318e1ae8ab0ff9ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Tue, 28 Jan 2020 13:49:34 GMT
server: Apache
etag: "26c-59d337e745780"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 620
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 twitter-family-tree-icon.png
roundyearfun.org/icons/ 628 B
679 B 93ms
91ms Image
image/png 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/icons/twitter-family-tree-icon.png
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: b316bb4bef5aadcba38b876fce41b2f2830a096399e57622cb971283da85a003

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Tue, 28 Jan 2020 13:49:36 GMT
server: Apache
etag: "274-59d337e92dc00"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 628
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 tweet-time-icon.png
roundyearfun.org/icons/ 567 B
641 B 92ms
91ms Image
image/png 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/icons/tweet-time-icon.png
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: d1a04ec733be0bf850bb24060c02799eb1a72cad1cc41ad0075012a4add0d61e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Tue, 28 Jan 2020 13:49:35 GMT
server: Apache
etag: "237-59d337e8399c0"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 567
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 twitter-valentine-icon.png
roundyearfun.org/icons/ 554 B
605 B 93ms
91ms Image
image/png 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/icons/twitter-valentine-icon.png
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 113de117b45efc453ab50bc1ed09ccf54e236eb62e62c1292799db05bf92fb19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Tue, 28 Jan 2020 13:49:35 GMT
server: Apache
etag: "22a-59d337e8399c0"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 554
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 twit-combine-icon.png
roundyearfun.org/icons/ 790 B
841 B 93ms
92ms Image
image/png 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/icons/twit-combine-icon.png
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 61a3a8e0fa323e121b1484239005d94a709d5ba084343bb8877f050a0e7eb37b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Tue, 28 Jan 2020 13:49:34 GMT
server: Apache
etag: "316-59d337e745780"
vary: User-Agent,Accept-Encoding
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 790
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 jquery.js Show response
roundyearfun.org/js/ 82 KB
30 KB 96ms
95ms Script
application/javascript 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roundyearfun.org/js/jquery.js
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: gzip
last-modified: Wed, 08 Mar 2017 10:13:28 GMT
server: Apache
etag: "14915-54a356132e200-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 bootstrap2.min.js Show response
roundyearfun.org/js/ 39 KB
11 KB 93ms
92ms Script
application/javascript 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roundyearfun.org/js/bootstrap2.min.js
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 8ebd3a4d23c167bbf602dd30734c2ae1da37001e1effb16e24acb4cd061c72ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: gzip
last-modified: Fri, 01 May 2020 09:03:11 GMT
server: Apache
etag: "9bd6-5a4927359d1c0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 11104
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/5.1.2/ 7 KB
4 KB 58ms
27ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/5.1.2/lazysizes.min.js

Requested by

Host: roundyearfun.org
URL: https://roundyearfun.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31dd6a2d3a1ec0f78a8df007535cf23f03aeb5c70f026e6d6a19dac3b3acc340

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1088242
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2954
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:00 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed0-1b94"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eHYTAiyMBoUlYW7E9LCPCZnIIEi2N%2FwI%2BkhGqlSaXFcMWFhBpogo7DiD5PpqnRhg4E3HA%2FhWXXa704%2BdhQrGfIgNoQ%2BP2TAXOo5C3pWRfvLeBM1jA4U8%2Bfs85%2BBet2sO7%2FLuc3CszhozCuUoXe1VFBDq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 71487f0d9e7c9b92-FRA
expires: Mon, 22 May 2023 14:04:04 GMT

GET
H2 200 modernizr.js Show response
roundyearfun.org/js/ 3 KB
1 KB 183ms
182ms Script
application/javascript 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://roundyearfun.org/js/modernizr.js
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 288e7c30df2288293a54338f84b63f1dad06049f365ee682f40bf9f39157ec4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: gzip
last-modified: Thu, 19 Dec 2019 15:14:15 GMT
server: Apache
etag: "b2e-59a1003a73fc0-gzip"
vary: Accept-Encoding,User-Agent
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1260
expires: Fri, 01 Jul 2022 14:04:04 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 124ms
38ms Script
text/javascript 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: roundyearfun.org
URL: https://roundyearfun.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1758
date: Wed, 01 Jun 2022 13:34:46 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Wed, 01 Jun 2022 15:34:46 GMT

GET
H2 200 famtree.webp
roundyearfun.org/img/ 11 KB
11 KB 117ms
117ms Image
image/webp 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/img/famtree.webp
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 3c1f70d691e4cc71c1b0ccf7df44c9af8906fe110796eaa8d24805e0f5218c21

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Sun, 22 Dec 2019 19:36:11 GMT
server: Apache
etag: "2c88-59a5005ec80c0"
vary: User-Agent
cache-control: max-age=172800
accept-ranges: bytes
content-length: 11400
expires: Fri, 03 Jun 2022 14:04:04 GMT

GET
H2 200 twittervalentine.webp
roundyearfun.org/img/ 12 KB
12 KB 117ms
117ms Image
image/webp 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/img/twittervalentine.webp
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 62279714754c8130c4ce130cc70c233ac3ab8e89e1018cbb634d5eff71e78eb0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Sun, 22 Dec 2019 19:36:17 GMT
server: Apache
etag: "2ef0-59a5006480e40"
vary: User-Agent
cache-control: max-age=172800
accept-ranges: bytes
content-length: 12016
expires: Fri, 03 Jun 2022 14:04:04 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
208 B 46ms
45ms XHR
text/plain 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=2140714193&t=pageview&_s=1&dl=https%3A%2F%2Froundyearfun.org%2F&ul=en-us&de=UTF-8&dt=Round%20Year%20Fun%20%7C%20Lustige%20Twitter-Spiele&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=1052401870&gjid=1118276103&cid=1046505561.1654092244&tid=UA-17295545-8&_gid=687752622.1654092244&_r=1&_slc=1&z=1409565208

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://roundyearfun.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 14:04:04 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://roundyearfun.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 intro-bg.webp
roundyearfun.org/img/ 8 KB
8 KB 91ms
91ms Image
image/webp 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/img/intro-bg.webp
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/css/landing-page.min.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: 31da9c59e10c97efbfb0958a2ea56b4f6968ed76cb4a2f838bbd94c297f25ba1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/css/landing-page.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Sun, 22 Dec 2019 19:36:12 GMT
server: Apache
etag: "2066-59a5005fbc300"
vary: User-Agent
cache-control: max-age=172800
accept-ranges: bytes
content-length: 8294
expires: Fri, 03 Jun 2022 14:04:04 GMT

GET
H2 200 twitterworth.webp
roundyearfun.org/img/ 8 KB
8 KB 91ms
91ms Image
image/webp 67.205.46.59
DREAMHOST-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://roundyearfun.org/img/twitterworth.webp
Requested by: Host: roundyearfun.org
URL: https://roundyearfun.org/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 67.205.46.59 , United States, ASN26347 (DREAMHOST-AS, US),
Reverse DNS: ps635275.dreamhostps.com
Software: Apache /
Resource Hash: c04502575a4d36768335db85c8348850705e04f2d195a251d2bbf4974f0495af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Sun, 22 Dec 2019 19:36:20 GMT
server: Apache
etag: "1e3e-59a500675d500"
vary: User-Agent
cache-control: max-age=172800
accept-ranges: bytes
content-length: 7742
expires: Fri, 03 Jun 2022 14:04:04 GMT

GET
H3 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/ 317 KB
113 KB 139ms
66ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3841738411630014&plah=roundyearfun.org

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e5b2471587da0233175bfbc19414d3b9c4f16a2e108aa2e3c3e2b554a5f4cf1f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 115304
x-xss-protection: 0
server: cafe
etag: 12391128865367244625
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 14:04:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/ Frame 5FC1 10 KB
5 KB 121ms
38ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220526/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roundyearfun.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 37696
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 03:35:48 GMT
etag: 1327746537699501093
expires: Wed, 15 Jun 2022 03:35:48 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 220 B
647 B 121ms
38ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=roundyearfun.org&callback=_gfp_s_&client=ca-pub-3841738411630014

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3841738411630014&plah=roundyearfun.org

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

7546fa32cc7df01bcb5c30251322c4e0b70bc40301012e1cca63619fc689e45a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 138ms
47ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=roundyearfun.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 129ms
45ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=roundyearfun.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 14:04:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 68ms
68ms Image
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&url=https%3A%2F%2Froundyearfun.org%2F&tn=NAV&cls=navbar%20navbar-default%20navbar-fixed-top%20topnav&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: roundyearfun.org
URL: https://roundyearfun.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 14:04:04 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FA88 191 KB
49 KB 515ms
515ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3841738411630014&output=html&adk=1812271804&adf=3025194257&lmt=1654092244&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Froundyearfun.org%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1654092244333&bpp=2&bdt=776&idt=227&shv=r20220526&mjsv=m202205260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=364130503877&frm=20&pv=2&ga_vid=1046505561.1654092244&ga_sid=1654092245&ga_hid=2140714193&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C44763507%2C42531557%2C44760474&oid=2&pvsid=1636342062464758&pem=929&tmod=2089313859&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=243

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e1a6ec12892f1cc4fae9c6f9c14aec5ddf497f3eb1f2ddc86a443e520112892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roundyearfun.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 50334
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 14:04:05 GMT
expires: Wed, 01 Jun 2022 14:04:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 136ms
54ms XHR
application/json 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220526&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03b3a44cf0222f059e0b4ba475b90565062df4acebf19f165812456d0a8f6d95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10681
x-xss-protection: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/ 147 KB
52 KB 73ms
73ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202205260101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc07a9333850a83bc3d168cc3630f4fc2ba66255b079bdaf93399eed86854029

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53673
x-xss-protection: 0
server: cafe
etag: 15955454437520430663
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 01 Jun 2022 14:04:05 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 120ms
46ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=roundyearfun.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 127ms
48ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=roundyearfun.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/ Frame 8C5A 10 KB
4 KB 118ms
39ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roundyearfun.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:15:34 GMT
etag: 1327746537699501093
expires: Wed, 15 Jun 2022 13:15:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/ Frame 5DA0 10 KB
4 KB 111ms
40ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roundyearfun.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2911
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4402
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:15:34 GMT
etag: 1327746537699501093
expires: Wed, 15 Jun 2022 13:15:34 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 143ms
51ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 14:04:05 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8C5A 4 KB
1 KB 130ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 13:26:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 14:04:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 14:04:05 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8C5A 205 B
742 B 121ms
36ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:45:16 GMT
x-content-type-options: nosniff
age: 1129
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 01 Jun 2023 13:45:16 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8C5A 604 B
695 B 122ms
37ms Image
image/png 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 08:53:02 GMT
x-content-type-options: nosniff
age: 18663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 01 Jun 2023 08:53:02 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/elements/html/ Frame 8C5A 19 KB
8 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:02:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8280
x-xss-protection: 0
server: cafe
etag: 1405619832300133377
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 14:02:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5DA0 0
0 78ms
78ms Fetch
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfQzd1HGXYtakJeOd1fAPws-7mAjJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NDE3Mzg0MTE2MzAwMTSgAdW20uoDyAEJqQJHwCnnJfuxPqgDAaoEwwFP0C3ubX2YTuFU2uUP1bylMBIE9zWFdTWeN8Wc6e8acdMrSmCVUM89uqL93G_wiIFaPbNvfgFRZL7O404KG1Vhq3q9ByKRu7rweYXXD3GD3xh6gpxLe4BJmQa83QCA6V3EdUFCgF91mC5YgZVuxSn248bMN4-1siiLrcyWwss3Klfew0NXymDbbcf-7XSdQVpLTtbL9aNOx-Jrsb1Q9evgYQqMciA2OK_erC1StqYttUfzSsT_ZTPkaZc4OSEo2GmvksqABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM4NDE3Mzg0MTE2MzAwMTQYAA&sigh=N_smvreS7QM&uach_m=[UACH]&cid=CAQSGwCNIrLM6Qp0DpIgAFf-XTpHWSbttbRDc9jNTBgB

Requested by

Host: roundyearfun.org
URL: https://roundyearfun.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 01 Jun 2022 14:04:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 01 Jun 2022 14:04:05 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 5DA0 0
0 49ms
16ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RO0HfJ2DYgICAAAAttTfIx-4GNgQ03GXYilkJ5mC6wgvA_3nABIAAA&wp=Ypdx1AAJUlYIFU7jAA7nwnszffwrn73K8jo5NA

Requested by

Host: roundyearfun.org
URL: https://roundyearfun.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
server: Kestrel
server-processing-duration-in-ticks: 284937
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 75A8 160 KB
49 KB 190ms
151ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Ypdx1AAJUlYIFU7jAA7nwnszffwrn73K8jo5NA&u=%7CAojpQ5mlyvDCtT3eri02gnLiTqbdpzVNW%2FRsaAvU5XU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUI7dkDPXdWoIlVKbmrEXIbKA6pxvN9y4y7eCjS5ZxpjfKOW8K9iRTB4UBKEqMn_lPgd6vBi65yjZqinu_JmrlwV84RQC-Nq74OUjX0mPtPk8hFWS-_pa1p17ME8xa5OEnEgMNCQF07vB2PSen7voC8Ee6iS-bL_jRj_ll3w0cp3d_iAynrzH-SoYDfqMMH9m7jwnYhKBzdjVgtp96jHNZRgZUgspnr4rVxhtWbpBQmukAyrRoNA1sNW8Ci7Bkl6eR80eLBwdQHgZ3nilPqzqv5zF99bdsN_LZpdYJTLthTj4uR-nvOPuf_BWWkKJxv2z6OK6W9YdeWyROSOQK3fIdwBnvbnWPZZ_OX0_xRNvZLw42Muwx3vKZOO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9W3e1HGXYtakJeOd1fAPws-7mAjJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NDE3Mzg0MTE2MzAwMTSgAdW20uoDyAEJqQJHwCnnJfuxPqgDAaoExgFP0C3ubX2YTuFU2uUP1bylMBIE9zWFdTWeN8Wc6e8acdMrSmCVUM89uqL93G_wiIFaPbNvfgFRZL7O404KG1Vhq3q9ByKRu7rweYXXD3GD3xh6gpxLe4BJmQa83QCA6V3EdUFCgF91mC5YgZVuxSn248bMN4-1siiLrcyWwss3Klfew0NXymDbbcf-7XSdQVpLTtbL9aNOx-Jrsb1Qt-nB840D7jOJpLt9fBD0Tq85v_H5ZNx90fvZz2WHJw0wXcMrgXXM8VyABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_15iS9Drkqk3-hkcaRqo601uIW57Q%26client%3Dca-pub-3841738411630014%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2a371bd11af461bebfbdd7b4d85f4d6aaffceef77085bdb3f226df37851c0494

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 14:04:04 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=nf9pqXr4S_yXdajGCqDd6LmeshJD70gUntBnsgghuJd_yUC4L4oMyab6YWDVsDEQtAD3b_yVw244chaQWoQU8yo7zOhmlIxWDD1KVPZVj_7imhrxTriXFy_ecIuStgkVYaMOz0WQ8YkWL0mTH_UhYa_pB4SrdSKWxcpKcfa15kwIoXw1U9n3s7GvzGMW8s1ymHEJkVhVkL4OTcvRXTD1G7BiUUqj2CRQbOFIlevTJoueT8IN2arRz0E4OuiV1PPpLZ3M_Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 134779349
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame 5DA0 3 KB
1 KB 38ms
38ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:58:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 13:58:40 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5DA0 136 KB
42 KB 71ms
70ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 14:04:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame 5DA0 17 KB
7 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2492ffaee03911100316db89800ea85e9dab57634b3bcd59c4b41de886ffe3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7307
x-xss-protection: 0
server: cafe
etag: 17708877374763515558
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 13:58:21 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2AC0 13 KB
5 KB 110ms
36ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://roundyearfun.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1219
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 13:43:46 GMT
expires: Thu, 01 Jun 2023 13:43:46 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 40FC 783 B
1 KB 135ms
48ms Document
text/html 2a00:1450:4001:800::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

43176bc31aa0b6ea22a987f8f3b8ee54a486778f4fefdc6d92c6e5ad1553e525

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tbsKY9fQpi4IvN8vw70DkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://roundyearfun.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-tbsKY9fQpi4IvN8vw70DkQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 01 Jun 2022 14:04:05 GMT
expires: Wed, 01 Jun 2022 14:04:05 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame 5DA0 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9a016fae174a636bd518b09a675d6b608e84d682f88478e6281bcf7ac995815a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 css
fonts.googleapis.com/ Frame D98E 6 KB
670 B 118ms
45ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 13:28:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Wed, 01 Jun 2022 14:04:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 01 Jun 2022 14:04:05 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame D98E 2 KB
904 B 36ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:01:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 14:01:50 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/ Frame D98E 21 KB
9 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2e696fc5a16bb33e2462796a76fba8e5cc004fca3385e46c344d3f2d3418c967

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:52:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 721
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8678
x-xss-protection: 0
server: cafe
etag: 16978244397020590470
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 13:52:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame D98E 3 KB
1 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:37:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1622
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 13:37:03 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D98E 136 KB
42 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42680
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1653478767633683"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 01 Jun 2022 14:04:05 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/ Frame D98E 17 KB
7 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220526/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f2492ffaee03911100316db89800ea85e9dab57634b3bcd59c4b41de886ffe3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:58:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 344
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7307
x-xss-protection: 0
server: cafe
etag: 17708877374763515558
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 15 Jun 2022 13:58:21 GMT

GET
H3 200 1a132ce94651f9fd8f1d4e10540034d5.js Show response
www.gstatic.com/mysidia/ Frame D98E 31 KB
13 KB 118ms
39ms Script
text/javascript 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1a132ce94651f9fd8f1d4e10540034d5.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220526/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 29 May 2022 20:23:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 236437
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13011
x-xss-protection: 0
last-modified: Thu, 26 May 2022 00:03:09 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sat, 27 Aug 2022 20:23:28 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 40FC 0
0 84ms
84ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220526&jk=1636342062464758&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame 2AC0 36 KB
14 KB 37ms
36ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 13:52:03 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 75A8 2 KB
1 KB 45ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ypdx1AAJUlYIFU7jAA7nwnszffwrn73K8jo5NA&u=%7CAojpQ5mlyvDCtT3eri02gnLiTqbdpzVNW%2FRsaAvU5XU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUI7dkDPXdWoIlVKbmrEXIbKA6pxvN9y4y7eCjS5ZxpjfKOW8K9iRTB4UBKEqMn_lPgd6vBi65yjZqinu_JmrlwV84RQC-Nq74OUjX0mPtPk8hFWS-_pa1p17ME8xa5OEnEgMNCQF07vB2PSen7voC8Ee6iS-bL_jRj_ll3w0cp3d_iAynrzH-SoYDfqMMH9m7jwnYhKBzdjVgtp96jHNZRgZUgspnr4rVxhtWbpBQmukAyrRoNA1sNW8Ci7Bkl6eR80eLBwdQHgZ3nilPqzqv5zF99bdsN_LZpdYJTLthTj4uR-nvOPuf_BWWkKJxv2z6OK6W9YdeWyROSOQK3fIdwBnvbnWPZZ_OX0_xRNvZLw42Muwx3vKZOO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9W3e1HGXYtakJeOd1fAPws-7mAjJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NDE3Mzg0MTE2MzAwMTSgAdW20uoDyAEJqQJHwCnnJfuxPqgDAaoExgFP0C3ubX2YTuFU2uUP1bylMBIE9zWFdTWeN8Wc6e8acdMrSmCVUM89uqL93G_wiIFaPbNvfgFRZL7O404KG1Vhq3q9ByKRu7rweYXXD3GD3xh6gpxLe4BJmQa83QCA6V3EdUFCgF91mC5YgZVuxSn248bMN4-1siiLrcyWwss3Klfew0NXymDbbcf-7XSdQVpLTtbL9aNOx-Jrsb1Qt-nB840D7jOJpLt9fBD0Tq85v_H5ZNx90fvZz2WHJw0wXcMrgXXM8VyABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_15iS9Drkqk3-hkcaRqo601uIW57Q%26client%3Dca-pub-3841738411630014%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 14:04:05 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 75A8 2 KB
1 KB 45ms
15ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 14:04:05 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 75A8 308 B
636 B 43ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sat, 27 May 2023 14:04:05 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 75A8 293 B
622 B 41ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sat, 27 May 2023 14:04:05 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 75A8 0
689 B 144ms
99ms Image
text/plain 2600:9000:206f:9e00:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1654092245
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ypdx1AAJUlYIFU7jAA7nwnszffwrn73K8jo5NA&u=%7CAojpQ5mlyvDCtT3eri02gnLiTqbdpzVNW%2FRsaAvU5XU%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANddNRPYHnj5tZXpmi0sBbUI7dkDPXdWoIlVKbmrEXIbKA6pxvN9y4y7eCjS5ZxpjfKOW8K9iRTB4UBKEqMn_lPgd6vBi65yjZqinu_JmrlwV84RQC-Nq74OUjX0mPtPk8hFWS-_pa1p17ME8xa5OEnEgMNCQF07vB2PSen7voC8Ee6iS-bL_jRj_ll3w0cp3d_iAynrzH-SoYDfqMMH9m7jwnYhKBzdjVgtp96jHNZRgZUgspnr4rVxhtWbpBQmukAyrRoNA1sNW8Ci7Bkl6eR80eLBwdQHgZ3nilPqzqv5zF99bdsN_LZpdYJTLthTj4uR-nvOPuf_BWWkKJxv2z6OK6W9YdeWyROSOQK3fIdwBnvbnWPZZ_OX0_xRNvZLw42Muwx3vKZOO&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC9W3e1HGXYtakJeOd1fAPws-7mAjJntKxXM2jlvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NDE3Mzg0MTE2MzAwMTSgAdW20uoDyAEJqQJHwCnnJfuxPqgDAaoExgFP0C3ubX2YTuFU2uUP1bylMBIE9zWFdTWeN8Wc6e8acdMrSmCVUM89uqL93G_wiIFaPbNvfgFRZL7O404KG1Vhq3q9ByKRu7rweYXXD3GD3xh6gpxLe4BJmQa83QCA6V3EdUFCgF91mC5YgZVuxSn248bMN4-1siiLrcyWwss3Klfew0NXymDbbcf-7XSdQVpLTtbL9aNOx-Jrsb1Qt-nB840D7jOJpLt9fBD0Tq85v_H5ZNx90fvZz2WHJw0wXcMrgXXM8VyABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_15iS9Drkqk3-hkcaRqo601uIW57Q%26client%3Dca-pub-3841738411630014%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:9e00:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 14:04:05 GMT
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-C1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: GiDmcYpdLWEEgfm2ePBjYUFwEsz5Kczq0vJqkJtnrP2Ao1_X4zOpxg==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 75A8 43 B
349 B 512ms
56ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=UUmWMPEQXosB4o_DSZQa_qdMyZ76ZIxO-6elL2VF87_W1AjNNQYs_PlD-hHKkvW4tXxTRhTKH5QQoiVIt71OHF7GVc8mEsNkoubVWVNOEB01vcffvAWcHczL6L6yHWmdNEPPNbJXB8_2cHHXAd5RkGQe66LvKfqCi-fE0WcFHo4PDOXu8LApo2z9GyJo7Z8EhjdtW2trDQbEVC5o8qLcCdEDme1Yg0H0fawipLMNegd1XUGjaab-klIE9UP4gWheqd9HElBW_r8RMYAKSfADA3j6OHkm6Ht1SUcdhkSbpPsa1elbyWpR7Y-NA1yUwBq2EbSgcGQeBipt6akZia4nY2rc_qbbLPJfL2aU20H8IPLmz5vlaAQ6nzCxst6oOU4Y7uf9sIJgbcWQAPd5b0udSDPU_YZkWFM704GPXwHnBRlzLV2A5QJvla1F4VUYfCBqmkIH6Q

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 14:04:05 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 39534364
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 75A8 12 KB
6 KB 39ms
20ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 14:04:05 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 75A8 5 KB
5 KB 164ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=1VjkrEGz0-tU4Tlj32yh-jEc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=30280780
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 5106
expires: Thu, 18 May 2023 01:23:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 75A8 1 KB
2 KB 163ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDienstleistungs-Center-Halle-GmbH-DLC-Halle-153157DE.gif%3Feb%3D1&v=3&w=800&s=5ZBJ5qniP8NhN_Q2K8FX3HYz&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1658481
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1382
expires: Mon, 20 Jun 2022 18:45:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 75A8 820 B
1 KB 163ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FL%2FlogoLeo_Burnett_GmbH_19430DE.gif%3Feb%3D1&v=3&w=800&s=di22_fue-pVVL2IbXJ-v2ezq&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

518e0bbb0e89110ec5407444707f006f89958ffc138bf1a8a809e1970b4fc837

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2468847
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 820
expires: Thu, 30 Jun 2022 03:51:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 75A8 2 KB
2 KB 164ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2Flogodrivetech-Fahrversuch-GmbH-171567DE.gif%3Feb%3D1&v=3&w=800&s=1GTJgbcAiVvY7_ggstT1IrP4&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:04 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1569267
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1538
expires: Sun, 19 Jun 2022 17:58:33 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 75A8 0
128 B 291ms
16ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=nf9pqXr4S_yXdajGCqDd6LmeshJD70gUntBnsgghuJd_yUC4L4oMyab6YWDVsDEQtAD3b_yVw244chaQWoQU8yo7zOhmlIxWDD1KVPZVj_7imhrxTriXFy_ecIuStgkVYaMOz0WQ8YkWL0mTH_UhYa_pB4SrdSKWxcpKcfa15kwIoXw1U9n3s7GvzGMW8s1ymHEJkVhVkL4OTcvRXTD1G7BiUUqj2CRQbOFIlevTJoueT8IN2arRz0E4OuiV1PPpLZ3M_Q&sds=2&rev=81571&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 01 Jun 2022 14:04:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 75A8 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 14:04:05 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 75A8 2 KB
1 KB 23ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 27 May 2023 14:04:05 GMT

GET
H3 200 b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js Show response
pagead2.googlesyndication.com/bg/ Frame F6FF 36 KB
14 KB 37ms
37ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b_DSvT5BjDf3L7mXasT585du80JYgOthzDrRF7aJqH4.js

Requested by

Host: roundyearfun.org
URL: https://roundyearfun.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 13:52:03 GMT
content-encoding: br
x-content-type-options: nosniff
age: 722
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13882
x-xss-protection: 0
last-modified: Tue, 24 May 2022 10:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 01 Jun 2023 13:52:03 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 2AC0 0
9 B 36ms
35ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?dCW1iA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 14:04:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 104ms
104ms Image
text/html 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220526&jk=1636342062464758&bg=!mpmlmd3NAAao8wy8iPM7ACkAdvg8WlFKP86WwPMvUO7zdb92yYpOgeMfAQqyyZQyVjZioHAquHNoiQIAAACiUgAAAAJoAQeZAqy_xXkbe5RYE7VtSAaGhz31Z2p5scfUN0Q_C9nlsLW15Or3jvn6njbmdI0AhoYgo34l-v7wZr7-gdjarUQ9N1vSyGEvPZV-J3rhkoGfjDYdbxC3X3LfwqeJi-eUM1OpP9sLX4D7oKkc5XplggmZHJMnHDXQSjJVBuWuKkJRq3s154ewzJebFsTTrCgqA5Iwu8OBivf58rE_zsF24NL1yoPs9nLdB8e72KcM9IssDQiDrJS9q4_EG68dIEUKIps5KMxUskfRzu1txgaCTRb_awqChlK1HvkTerwnrWQyFsFplS9Q0D3fnZy5ynpyH4P7e-Hf4txu41voVJWNrKGFuKPMX-mRkky08BFyjwxZbru4t7S3KQCgkVgt0xfZfntsW_4NlAIZ6GSNFN96f6NFgCbo2-Gza3GZF6fqs511upG1m8QSYjgZbPQ6paytOwx05_RQ9IpWwBsLlKpZ7IUTR4pbzXUUS8KH5LLGAeIOEVOTJMPa3eAQGBAVzJpIwVoZAlKg9KQ3rihd0tpxe5R-SiX6Z7iAk73WP5bNnIyNYWEfNnl7LJVZxpx6u9GX7zNHqjzj3qiMkMbhOg3hdjtvTr2yWZXzHN5vWiyRoXJkEfesBxym1Zo8_5z7N0AeiUvxV1wLktahREhqEU-vj7aCsPKiEStKXCjSJVYRRpAbFo1jEmOPqEdDdX9zSzDFkouOb_wgPmUVJv8rkEOpzwYQnVB5Z7WDxlbFVn2nngcvRXMwPMIA0oO_AO6KJlrt8f2nzsmilgNlu4U5hT3yt06VP6PT_lXX67_ZC1cSGbaA2kIeBhUc6BiYtH2VufnWPU2ABlrycV9gM05-eTQdGwIG4e3CQWCQpNRaTTDykDmb3dIjS_xdPcr1xZ2iFv_-7AW83lh5FAuA0CZYbmtyb9o
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://roundyearfun.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5DA0 42 B
64 B 72ms
72ms Fetch
image/gif 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsucXyzceOI9kNu8OZf_0EshtHoWgVTyZfyq8-l0rpuU3GPED68R3y83bMLQIBUFbrqaHrMalGoJyAUpQxJDcJ9J&sig=Cg0ArKJSzIhKpFSwcE83EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=119,804,1000,1153,1153&tos=119,685,196,153,0&v=20220525&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1654092245308&rpt=251&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 01 Jun 2022 14:04:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 75A8 0
127 B 17ms
17ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Wed, 01 Jun 2022 14:04:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Verdicts & Comments Add Verdict or Comment

53 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
roundyearfun.org/	1969-12-31 23:59:59	Name: PHPSESSID Value: 0a4ccae3455dae48ea32bfc7c0426cfb
.roundyearfun.org/	1970-01-20 20:59:24	Name: _ga Value: GA1.2.1046505561.1654092244
.roundyearfun.org/	1970-01-20 03:29:38	Name: _gid Value: GA1.2.687752622.1654092244
.roundyearfun.org/	1970-01-20 03:28:12	Name: _gat Value: 1
.roundyearfun.org/	1970-01-20 12:49:48	Name: __gads Value: ID=3cbd8a0e5f26ea4c-22c3e991a3cd0032:T=1654092244:RT=1654092244:S=ALNI_MY9-dNgFUk_Xdo1ph5m1y6lTmfg4g
.doubleclick.net/	1970-01-20 12:49:48	Name: IDE Value: AHWqTUnyM9ZwCHC5u5GXIx6r3g2jJCblstCu3lSNEa1zPkL3N4cnNaeC92bc6A8sum4

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
roundyearfun.org
rtb.nl.eu.criteo.com
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.gstatic.com
142.250.186.130
178.250.0.160
178.250.0.162
178.250.2.135
2600:9000:206f:9e00:1e:a43d:b640:93a1
2606:4700::6811:190e
2a00:1450:4001:800::2004
2a00:1450:4001:809::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200e
2a00:1450:4001:828::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200a
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::b
67.205.46.59
01284adf0039080c4d89732ef83440fd31b310a7bf3867b83b030f99ffd1f1c1
03b3a44cf0222f059e0b4ba475b90565062df4acebf19f165812456d0a8f6d95
054e92bd37d0bf4216d263c485e807ccfc57c3393d880d7318e1ae8ab0ff9ffd
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
09b3c5236d6e491e161cf5693eeac07349e94f19ae862c53e76e860224e92370
113de117b45efc453ab50bc1ed09ccf54e236eb62e62c1292799db05bf92fb19
178cc64262dd11b8e680201f5decb86d233a9a7ee63ea9ca1b1a4d9f67b54203
199411f659f41aaccb959bacb1b0de30e54f244352a48c6f9894e65ae0f8a9a1
288e7c30df2288293a54338f84b63f1dad06049f365ee682f40bf9f39157ec4e
2a371bd11af461bebfbdd7b4d85f4d6aaffceef77085bdb3f226df37851c0494
2e696fc5a16bb33e2462796a76fba8e5cc004fca3385e46c344d3f2d3418c967
31da9c59e10c97efbfb0958a2ea56b4f6968ed76cb4a2f838bbd94c297f25ba1
31dd6a2d3a1ec0f78a8df007535cf23f03aeb5c70f026e6d6a19dac3b3acc340
32ef1d85fe9d38b91313f8115cf57c969c9b833c7b815625a3eae0939c4a6f92
3c1f70d691e4cc71c1b0ccf7df44c9af8906fe110796eaa8d24805e0f5218c21
43176bc31aa0b6ea22a987f8f3b8ee54a486778f4fefdc6d92c6e5ad1553e525
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
518e0bbb0e89110ec5407444707f006f89958ffc138bf1a8a809e1970b4fc837
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
575e569efd0b16fd6778fde4402f71740840e2b3c4203155dd4a911b6a456593
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5e1a6ec12892f1cc4fae9c6f9c14aec5ddf497f3eb1f2ddc86a443e520112892
5e4682a1ccb3dffc4b160179518850b5d2d39b5f97c47fd912db7e8644d1eb37
5f5654d3095dcc7a871f7d4c1355b2c9eea3eb0d8f72f87e65b0cf51961aefd6
61a3a8e0fa323e121b1484239005d94a709d5ba084343bb8877f050a0e7eb37b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62279714754c8130c4ce130cc70c233ac3ab8e89e1018cbb634d5eff71e78eb0
626e7b951cb98a57217a613f0cf3dab2cea260200b8b19b19f87d25c25a68a21
6ff0d2bd3e418c37f72fb9976ac4f9f3976ef3425880eb61cc3ad117b689a87e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7546fa32cc7df01bcb5c30251322c4e0b70bc40301012e1cca63619fc689e45a
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7de3cdb1a5dffb33bb9662f0fce8d25aa5e49f5d88e3bc2a066f491d5bb3fe7d
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ebd3a4d23c167bbf602dd30734c2ae1da37001e1effb16e24acb4cd061c72ef
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9a016fae174a636bd518b09a675d6b608e84d682f88478e6281bcf7ac995815a
9b4e2679e63e8dfdcc29a41a03c395e4eb17cb8589b7123f08178aaf611296ca
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b316bb4bef5aadcba38b876fce41b2f2830a096399e57622cb971283da85a003
bc07a9333850a83bc3d168cc3630f4fc2ba66255b079bdaf93399eed86854029
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c04502575a4d36768335db85c8348850705e04f2d195a251d2bbf4974f0495af
cba47082178b1574a96fa49c257693082949237914f632073da2f476dc81e0db
d163c31927cd560f033622147103e545feb6787d3131e43dc261f6c5de3cfdd0
d1a04ec733be0bf850bb24060c02799eb1a72cad1cc41ad0075012a4add0d61e
db3985c4d5ae08ac22f3958d29da53f4edcd150439f74c668074c65ea0981da6
dbfffa2ccca810c8921d8ff5d03714c06b4646838e8d96c0de4f05be3561de16
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4a7e92291c7c3762e70fa50a9125648bf36ceb3756d1a8aab689bcea989d8e4
e5b2471587da0233175bfbc19414d3b9c4f16a2e108aa2e3c3e2b554a5f4cf1f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2492ffaee03911100316db89800ea85e9dab57634b3bcd59c4b41de886ffe3e
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

roundyearfun.org Open in urlscan Pro 67.205.46.59 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

74 %IPv6

14 Domains

20 Subdomains

20 IPs

3 Countries

736 kBTransfer

1938 kBSize

6 Cookies

1 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

roundyearfun.org Open in urlscan Pro
67.205.46.59 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

74 %
IPv6

14
Domains

20
Subdomains

20
IPs

3
Countries

736 kB
Transfer

1938 kB
Size

6
Cookies

77 HTTP transactions
2 data transactions