www.dvd-recovery.com Open in urlscan Pro
104.193.109.63 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.dvd-recovery-org.smart-projects.biz/
Effective URL:
https://www.dvd-recovery.com/
Submission: On January 26 via automatic, source certstream-suspicious (January 26th 2024, 9:34:59 am UTC) — Scanned from DE

Summary HTTP 77 Redirects Links 8 Behaviour Indicators

Summary

This website contacted 13 IPs in 3 countries across 8 domains to perform 77 HTTP transactions. The main IP is 104.193.109.63, located in United States and belongs to PRIVATESYSTEMS, US. The main domain is www.dvd-recovery.com.
TLS certificate: Issued by cPanel, Inc. Certification Authority on November 30th 2023. Valid for: 3 months.

This is the only time www.dvd-recovery.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 3	104.193.109.63 104.193.109.63	63410 (PRIVATESY...) (PRIVATESYSTEMS)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
21	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
6	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
77	13

3 104.193.109.63 (United States) 2 redirects

ASN63410 (PRIVATESYSTEMS, US)
PTR: pvh.smart-projects.biz

www.dvd-recovery-org.smart-projects.biz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dvd-recovery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
36	criteo.net static.criteo.net — Cisco Umbrella Rank: 657 csm.eu.criteo.net — Cisco Umbrella Rank: 8850 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9386	423 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 110 tpc.googlesyndication.com — Cisco Umbrella Rank: 157	311 KB
9	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 8778 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10462 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15457	129 KB
8	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 38	41 KB
3	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 230	195 KB
2	dvd-recovery.com 1 redirects www.dvd-recovery.com	1 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	smart-projects.biz 1 redirects www.dvd-recovery-org.smart-projects.biz	249 B
77	8

	Domain	Requested by
21	static.criteo.net	ads.eu.criteo.com
10	pagead2.googlesyndication.com	www.dvd-recovery.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
9	imageproxy.eu.criteo.net	ads.eu.criteo.com
9	tpc.googlesyndication.com	pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	csm.eu.criteo.net	ads.eu.criteo.com
3	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
3	cat.nl3.eu.criteo.com	ads.eu.criteo.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.dvd-recovery.com	1 redirects
1	www.google.com	tpc.googlesyndication.com
1	www.dvd-recovery-org.smart-projects.biz	1 redirects
77	13

This site contains links to these domains. Also see Links.

Domain
www.isobuster.com

Subject Issuer	Validity	Valid
dvd-recovery.com cPanel, Inc. Certification Authority	`2023-11-30` - `2024-02-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-02` - `2024-03-26`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-15` - `2024-03-10`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-27` - `2024-03-21`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.dvd-recovery.com/
Frame ID: 26AC5D74630E510F09D6C99A83CB7859
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html
Frame ID: F1DB9A12415DA2B495C0DCD4219F0BF5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284964903038795&output=html&adk=1812271804&adf=3025194257&lmt=1706261695&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.dvd-recovery.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706261695149&bpp=3&bdt=180&idt=197&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6614069622965&frm=20&pv=2&ga_vid=102610762.1706261695&ga_sid=1706261695&ga_hid=902097067&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531705%2C44795921%2C95320378%2C95320869%2C95320892%2C95321627%2C95322165%2C95323008&oid=2&pvsid=3616878921355369&tmod=1689943487&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=214
Frame ID: 177804E2FA40BCB2FA4F8AC68F13C65F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: F4FD3C359EAB5BD06B8BCD737F61ECA8
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 530585DE725E6ADE34FB0CADA9CA3FB0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: D42A968742EA838EB589942146B14E50
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-ckHg6P4AAK_MKg1hQ2tYnln3ADHKQ&u=%7CPLqpqXvL8hR38Kbfnirg0LjhDXrPCUNkvtplZmyHcEA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdqPjl60z0VhODKhST4OVMLbaNhzG9HDFK49z0136XXoxmz1m9zD_YGhxBcwlg7IyB-hE4om50OsNc6otqe70cCcfevRXQbD4-BvSwTdKaLwD5rgwcEmUaH5ueEtWQOi2d7TbJruD7zqIDUuBag4mW8NG2w39Q-EEIY_oNyOSEMYfn0lDUhJl7mz88dVSHldgU_k3uTVauimkj7pFiLy4B-_GxlXQiBicBTYcBpOPpq1RiA_MdEJZCiB-6-hipj8KVhNEHx1Q5erV2VJu1rHLGX-IMq4IdY1GBxqK_CfYcrGQ0f_3MmdgSUBjsFi3-FGAUqBRDTOcuFFrII1JMP6nCxMKKQxx-1U88j7akJCHHKcYpIsoau8g71vehlU9ItvpdElW5euS46Llit_JvZw6bur_Itn02GlH0K2h-kVBKJ82l0H-fRtFt_68mRcuHKYhcixBKSPIULDW-NFTu0EJxMLFBZxt0on039JvHoSJg9m4AndxDE5IJp5MKKHG5FicaQl0PDQJnMkR5lB51wmSZX5khzihv5vskiYhfbIvycbeVQDw5mbVUuc15DbAqX9nXSyYmo8XCR6Hilety7Mtem3wvhJ_vO-RA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL7sOv3yzZcnzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTNAU_QfEq_vzMB9U2qMX6wxBdTgY7q9V5oYyI4GtB6FnZlWBKc2LOEnSiva8j0e3SiAE__lDxY7PeRIdHVLWgk7TqfmNTFQL-6GotdRYPxT5W3Nuz673ZXkKOP9QHdMeCzk98CEr15vjHqaoyIAxVFar-PVHtkFHSrpWIahVoDrazfdQXxXMFqAosMmb7SLKX3SE9MU6mx_3pRo4q65jmqzu9dnHTMLDYHmpjnpYOLznQoFfV6Ow5an64JuS1j-puBkY1MLvUgVdBPMmbAT7mABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0aj9keD6gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2x9JbtmN_1dYv5cedfUhSszduUUA%26client%3Dca-pub-8284964903038795%26adurl%3D
Frame ID: 4C500AD6668FE68A570943730064FBC0
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-coHg6P4AAK_MKmNmJgsgP0Q0YIV2A&u=%7CPLqpqXvL8hQ9vmo6ujY%2FG1it4Ivz3sdZiKGK75xO6Ik%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdqPjl60z0VhODKhST4OVMLbaNhzG9HDFA_RW_KxeHC34sT493_CR8nhVBvjCSYh3VvBw9bc7Z90sH1R6GAENSlENZrcXL7GytDTsu0q2OZzoDj_E4HJzHO5nRKFW-gL80Rl_h888Lk-H4sM8h49--RpChDQkQ5wAfjFRkcO183KQNEwl1OjwHzRMhinpYkQCXZeXZMHlMiKMKQKyjzXhLKqW5a0tBQeAJRe2bVqFmyq8tTt-30XyD079E6p6iFBd_cPqTGuKxXL-JEN0anHg6Z1Qzw2q-aUkB0GIV0Lnp_nEG2l2YxXG6ZQ3VoZAK-UCmYHdxdsK8RKfWGUhsb8Zi_hhKyk6RTcqcs0vHOhB1GqgDMS7Vdn53jnTsLnskcTt2utQMoTZ-JTbheIWfVOl7mT_EjGEO9ZE0PcEaPoLUyEyMwFpJMxePP0HkYZIsTbotvYx20p5V-VPO5GQJu4DeyYfp_ppSyxdf6J_8qXyFwCGE7ZDxBn9-eiK69k1p-z-sHkZzs0OR6zBC93UPuHfIDQZ9gAGonvp2hqrIaEnQoQohpjfuYNbNCI-Ky0_w1eGBtBcvn31Bc2bSlYILS5PHg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLJwv3yzZcrzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTNAU_QPnKAnMc7H2NMoyOoi7aYoNbqS_2fNhZHqQeSedzIT-3zNRytobRPNd3ar0q9T3YsKlOxRgVq39gxM62t1FuB2VajMvqQIt-kj9LmnSuI01nZ44vJ4fdvaON5JGN9Sr_DU3ocexlhV86fn4ApzXJMNInkkJm1Hd1ms5JqnoIaKi7wwY5bRi9zNHeNfpmNwAvg7pl2crYHznwHy2yFKBcuq35CI307ZnHJLqXg3VmHrDJiR8us0KIZVB2NbX7H-vTsfmf4pc_U8MOjamSABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0aj9keD6gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JLM-hUScg-8f0tV02890F7hH5pw%26client%3Dca-pub-8284964903038795%26adurl%3D
Frame ID: E3637AC8C6BDB2F6ACF6620B6A93B8BD
Requests: 15 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-csHg6P4AAK_MMtu1wbR7W-ucNYCwA&u=%7CPLqpqXvL8hSPAV3AtGsMAFVvprtNP7Yodif19MJKjEk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6-92RavIlt9_S9kpl2iSpH5r2uPV9FB5QZPTFusYKzdHdvio7qjuMQmsTJsPgSEIntxxsVMtx_JfBn1a1eNdFsi1wC4-8_okZ9IIvdfUgTVccNo5wBKGWFfpVCPaozvYJBZdfoq2nddczOxS0QvqwCfkvyDErlyruABc9bf9UNYTblZVf8vYNS_zYM8ravOsFZW0rX_79F88y0hfUaKnEyYBnCMEZRQqN5hCW-Gt3edDT8q6DlhZzuywWYoeU4I8rfp34yjrY9dMymf9huaDpuxXVw7B6WX595v8l2N3xrpjZohaz1aEr0BcdpnyWAAnWKBeYVlBGT0mCplFZNJDWleuO0pzbMcUmfuM_fetxCeyynBaOl5Nepk4iJEmlRHKQPvpn8t1Q5b3qfuYEPoLFESWX4vZT-mX3acuo0a5L6WVzxwDaFDT9v2EmOdEcWUdyA0jv9vgVsSamsfSfG-5YfBzPKlzv5J58ameJvNZ42vtTKAMHNsmCN_3rWx90TQ7fYdxlyoKA-AhbBRr_xHy_kp--VPoOk1cbl3polg5P4wVbJ3bHnIYQrbha9t_UHg2r05TuNVqaqYgtGeTWSlje8fyjfUJuYDQGA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC26ZYv3yzZcvzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTOAU_Q3KNdzAB4Rakmczf4UUO8MKTCYizfprWnJDaOgj30eJIlKmaulp2STfv69cSuhdO5EHYJDPHAjTJGvQxolbvPC07IiqMT5piI4EBt1Ar8F9RSVOwbciRjzwJxCjGdZmEoltxvE7YhkZYjkhQjgrn_WnSBrJVBEdBv5-q0yd49IMniO8pU5FXRepjaMKN0FYwr8bvOr3gdys8FX1kqRObNW7DipXiuPTbJk21B9IeA8HMpnFV0PU-hbKe68azgqI-m7rFmUuC0OGDTZkddgAbDxdWb1sCXj9oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNGo_ZHg-oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3JwD44VD5znNIBGLyNLIzACV99ug%26client%3Dca-pub-8284964903038795%26adurl%3D
Frame ID: 1F2C37BC50995B82F4C833C28A8E0EC5
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 69E445BE836402ED41A52A5A844AAC29
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0F05F9E4ED3EE3764DD2CB54BF5BC9E1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DVD video recovery software

Page URL History Show full URLs

https://www.dvd-recovery-org.smart-projects.biz/ HTTP 301
http://www.dvd-recovery.com/ HTTP 301
https://www.dvd-recovery.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

77
Requests

100 %
HTTPS

83 %
IPv6

8
Domains

13
Subdomains

13
IPs

3
Countries

1101 kB
Transfer

2491 kB
Size

1
Cookies

8 Outgoing links

These are links going to different origins than the main page.

URL: http://www.isobuster.com/reviews.php
Title: extensive testing by various magazines

Search URL Search Domain Scan URL

URL: https://www.isobuster.com/
Title: IsoBuster

Search URL Search Domain Scan URL

URL: https://www.isobuster.com/download.php
Title: Download IsoBuster here

Search URL Search Domain Scan URL

URL: https://www.isobuster.com/tips/1
Title: How to recover video from a DVD (e.g. a non-finalized DVD)

Search URL Search Domain Scan URL

URL: https://www.isobuster.com/tips/2
Title: How to re-create a DVD from the full set of VIDEO_TS files

Search URL Search Domain Scan URL

URL: https://www.isobuster.com/tips/3
Title: How to re-author a DVD from one or more VOB files

Search URL Search Domain Scan URL

URL: https://www.isobuster.com/tips/4
Title: How to re-create a DVD from one or more VOB files

Search URL Search Domain Scan URL

URL: https://www.isobuster.com/tips/8
Title: How to fix a damaged video stream so that it can be played or imported by video editing software again

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.dvd-recovery-org.smart-projects.biz/ HTTP 301
http://www.dvd-recovery.com/ HTTP 301
https://www.dvd-recovery.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

77 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.dvd-recovery.com/
Redirect Chain

https://www.dvd-recovery-org.smart-projects.biz/
http://www.dvd-recovery.com/
https://www.dvd-recovery.com/

2 KB
941 B

399ms
132ms

Document
text/html

104.193.109.63
PRIVATESYSTEMS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dvd-recovery.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.193.109.63 , United States, ASN63410 (PRIVATESYSTEMS, US),
Reverse DNS: pvh.smart-projects.biz
Software: Apache /
Resource Hash: 810a3c755d372db87f4e9a650227256d9e559eed5d5cde0b3cf1ecdfac5304bd

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 720
Content-Type: text/html
Date: Fri, 26 Jan 2024 09:34:54 GMT
Keep-Alive: timeout=3, max=100
Server: Apache
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 237
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 26 Jan 2024 09:34:54 GMT
Keep-Alive: timeout=3, max=100
Location: https://www.dvd-recovery.com/
Server: Apache

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 147 KB
50 KB 131ms
79ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.dvd-recovery.com
URL: https://www.dvd-recovery.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3411d38829ae029f7e1354c21afa25c13bfa1146f49c1e825807a7522ecb6494

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dvd-recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51142
x-xss-protection: 0
server: cafe
etag: 14797911781627608491
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Fri, 26 Jan 2024 09:34:55 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 403 KB
137 KB 97ms
96ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8284964903038795&plah=www.dvd-recovery.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a2c1747d7c3549d5184ffdcfacc1c1db89f829d34b078b84274d59c5e637e3d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dvd-recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:55 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 139806
x-xss-protection: 0
server: cafe
etag: 17331273206331770177
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:34:55 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/ Frame F1DB 9 KB
5 KB 69ms
20ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dvd-recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 67134
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 14:56:01 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 14:56:01 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1778 172 KB
24 KB 588ms
587ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8284964903038795&output=html&adk=1812271804&adf=3025194257&lmt=1706261695&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x810_l%7C500x810_r&format=0x0&url=https%3A%2F%2Fwww.dvd-recovery.com%2F&pra=5&wgl=1&easpi=1&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~3~4~6&aslcwct=150&asacwct=25&aslmct=0.5&asamct=0.5&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1706261695149&bpp=3&bdt=180&idt=197&shv=r20240122&mjsv=m202401180101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6614069622965&frm=20&pv=2&ga_vid=102610762.1706261695&ga_sid=1706261695&ga_hid=902097067&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C42531705%2C44795921%2C95320378%2C95320869%2C95320892%2C95321627%2C95322165%2C95323008&oid=2&pvsid=3616878921355369&tmod=1689943487&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=214

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8284964903038795&plah=www.dvd-recovery.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1208f0421d29197225a22fa0f6d8ceeea24b055234cc707492b00d8c8fdfebd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dvd-recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 23998
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 09:34:55 GMT
expires: Fri, 26 Jan 2024 09:34:55 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 116ms
74ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240122&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

479c99317b6f9a2bdd44f0c7b6e747092a416b708ed9f41461b62add82e39a7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dvd-recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12319
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/ 163 KB
55 KB 95ms
94ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202401180101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

caad01cc49910afbc99f8fd7b9979bf3aefeffc2671b5b64c668a0c1c7f6015a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dvd-recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56679
x-xss-protection: 0
server: cafe
etag: 8789406786291784583
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:34:56 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 103ms
53ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dvd-recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 09:34:56 GMT

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame F4FD 9 KB
4 KB 22ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dvd-recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame 5305 9 KB
4 KB 23ms
21ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dvd-recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/ Frame D42A 9 KB
4 KB 23ms
22ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dvd-recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 77705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 11:59:51 GMT
etag: 3890843268177463596
expires: Thu, 08 Feb 2024 11:59:51 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 4C50 125 KB
44 KB 138ms
58ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-ckHg6P4AAK_MKg1hQ2tYnln3ADHKQ&u=%7CPLqpqXvL8hR38Kbfnirg0LjhDXrPCUNkvtplZmyHcEA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdqPjl60z0VhODKhST4OVMLbaNhzG9HDFK49z0136XXoxmz1m9zD_YGhxBcwlg7IyB-hE4om50OsNc6otqe70cCcfevRXQbD4-BvSwTdKaLwD5rgwcEmUaH5ueEtWQOi2d7TbJruD7zqIDUuBag4mW8NG2w39Q-EEIY_oNyOSEMYfn0lDUhJl7mz88dVSHldgU_k3uTVauimkj7pFiLy4B-_GxlXQiBicBTYcBpOPpq1RiA_MdEJZCiB-6-hipj8KVhNEHx1Q5erV2VJu1rHLGX-IMq4IdY1GBxqK_CfYcrGQ0f_3MmdgSUBjsFi3-FGAUqBRDTOcuFFrII1JMP6nCxMKKQxx-1U88j7akJCHHKcYpIsoau8g71vehlU9ItvpdElW5euS46Llit_JvZw6bur_Itn02GlH0K2h-kVBKJ82l0H-fRtFt_68mRcuHKYhcixBKSPIULDW-NFTu0EJxMLFBZxt0on039JvHoSJg9m4AndxDE5IJp5MKKHG5FicaQl0PDQJnMkR5lB51wmSZX5khzihv5vskiYhfbIvycbeVQDw5mbVUuc15DbAqX9nXSyYmo8XCR6Hilety7Mtem3wvhJ_vO-RA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL7sOv3yzZcnzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTNAU_QfEq_vzMB9U2qMX6wxBdTgY7q9V5oYyI4GtB6FnZlWBKc2LOEnSiva8j0e3SiAE__lDxY7PeRIdHVLWgk7TqfmNTFQL-6GotdRYPxT5W3Nuz673ZXkKOP9QHdMeCzk98CEr15vjHqaoyIAxVFar-PVHtkFHSrpWIahVoDrazfdQXxXMFqAosMmb7SLKX3SE9MU6mx_3pRo4q65jmqzu9dnHTMLDYHmpjnpYOLznQoFfV6Ow5an64JuS1j-puBkY1MLvUgVdBPMmbAT7mABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0aj9keD6gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2x9JbtmN_1dYv5cedfUhSszduUUA%26client%3Dca-pub-8284964903038795%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

443cbacf2fb3a724451941ccf2264df8b866eaa34db10e166356109755e908b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 09:34:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=4wgxzjVY8Nxyr4FcNBzmw4y_ZDKA0dM7Yv6yZ3VQlHbYS7QQ3cCLn84oXAUHEwkLfcGZkPwOGNehKyNSegg4NCLyMEoCiIqUKv-LxU0vwHsLiEqYsX66yfEO89h_Jx6ORE6h8Ya3RGQaJQyiP8ExBlOtdhhW5PK43u-KfX978AjJ2zE4dxzSwcRk1n6HGzFtDRRKhHPfIyn3VGneL7koU-_ihqQ1vJNaQ1lkFa8nJhh2pQz6cIZJMq-NeRM-C7JVvheUOw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 12763131
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F4FD 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:33:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame F4FD 20 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:59:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4FD 205 KB
65 KB 122ms
65ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:34:56 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame E363 120 KB
43 KB 191ms
138ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-coHg6P4AAK_MKmNmJgsgP0Q0YIV2A&u=%7CPLqpqXvL8hQ9vmo6ujY%2FG1it4Ivz3sdZiKGK75xO6Ik%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdqPjl60z0VhODKhST4OVMLbaNhzG9HDFA_RW_KxeHC34sT493_CR8nhVBvjCSYh3VvBw9bc7Z90sH1R6GAENSlENZrcXL7GytDTsu0q2OZzoDj_E4HJzHO5nRKFW-gL80Rl_h888Lk-H4sM8h49--RpChDQkQ5wAfjFRkcO183KQNEwl1OjwHzRMhinpYkQCXZeXZMHlMiKMKQKyjzXhLKqW5a0tBQeAJRe2bVqFmyq8tTt-30XyD079E6p6iFBd_cPqTGuKxXL-JEN0anHg6Z1Qzw2q-aUkB0GIV0Lnp_nEG2l2YxXG6ZQ3VoZAK-UCmYHdxdsK8RKfWGUhsb8Zi_hhKyk6RTcqcs0vHOhB1GqgDMS7Vdn53jnTsLnskcTt2utQMoTZ-JTbheIWfVOl7mT_EjGEO9ZE0PcEaPoLUyEyMwFpJMxePP0HkYZIsTbotvYx20p5V-VPO5GQJu4DeyYfp_ppSyxdf6J_8qXyFwCGE7ZDxBn9-eiK69k1p-z-sHkZzs0OR6zBC93UPuHfIDQZ9gAGonvp2hqrIaEnQoQohpjfuYNbNCI-Ky0_w1eGBtBcvn31Bc2bSlYILS5PHg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLJwv3yzZcrzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTNAU_QPnKAnMc7H2NMoyOoi7aYoNbqS_2fNhZHqQeSedzIT-3zNRytobRPNd3ar0q9T3YsKlOxRgVq39gxM62t1FuB2VajMvqQIt-kj9LmnSuI01nZ44vJ4fdvaON5JGN9Sr_DU3ocexlhV86fn4ApzXJMNInkkJm1Hd1ms5JqnoIaKi7wwY5bRi9zNHeNfpmNwAvg7pl2crYHznwHy2yFKBcuq35CI307ZnHJLqXg3VmHrDJiR8us0KIZVB2NbX7H-vTsfmf4pc_U8MOjamSABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0aj9keD6gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JLM-hUScg-8f0tV02890F7hH5pw%26client%3Dca-pub-8284964903038795%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b760e2e738833e091aa1fbbbe70586a67071187c04deca59d1743bcf480ff614

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 09:34:55 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=ZZjA0DVY8Nxyr4FcidF4t_dSUzNL_ufe27sBY6H92SvaAC0Ev2ZBDPmUOLI_CfDHn3lvpzMxZtlWzlPP1XgfHb_8Pt9oX3smN_qklE0PLY0nfimIKifA5xQkE0ct12Bes9h2qbvR6ttOMSwLY1xoigW1PeNDTTMoKZpaFbWv00XXdZWY-RzP8As9hdA5LIZHaf_dGExQ9Y3mxbH1DyH0xwq4OTEKky6qYLXQZXgXXD3MP79TtTfzDrxD77IJpsBmFq-yIw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 14396597
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5305 3 KB
1 KB 26ms
24ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:33:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame 5305 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:59:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5305 205 KB
65 KB 134ms
104ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:34:56 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1F2C 109 KB
40 KB 163ms
120ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-csHg6P4AAK_MMtu1wbR7W-ucNYCwA&u=%7CPLqpqXvL8hSPAV3AtGsMAFVvprtNP7Yodif19MJKjEk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6-92RavIlt9_S9kpl2iSpH5r2uPV9FB5QZPTFusYKzdHdvio7qjuMQmsTJsPgSEIntxxsVMtx_JfBn1a1eNdFsi1wC4-8_okZ9IIvdfUgTVccNo5wBKGWFfpVCPaozvYJBZdfoq2nddczOxS0QvqwCfkvyDErlyruABc9bf9UNYTblZVf8vYNS_zYM8ravOsFZW0rX_79F88y0hfUaKnEyYBnCMEZRQqN5hCW-Gt3edDT8q6DlhZzuywWYoeU4I8rfp34yjrY9dMymf9huaDpuxXVw7B6WX595v8l2N3xrpjZohaz1aEr0BcdpnyWAAnWKBeYVlBGT0mCplFZNJDWleuO0pzbMcUmfuM_fetxCeyynBaOl5Nepk4iJEmlRHKQPvpn8t1Q5b3qfuYEPoLFESWX4vZT-mX3acuo0a5L6WVzxwDaFDT9v2EmOdEcWUdyA0jv9vgVsSamsfSfG-5YfBzPKlzv5J58ameJvNZ42vtTKAMHNsmCN_3rWx90TQ7fYdxlyoKA-AhbBRr_xHy_kp--VPoOk1cbl3polg5P4wVbJ3bHnIYQrbha9t_UHg2r05TuNVqaqYgtGeTWSlje8fyjfUJuYDQGA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC26ZYv3yzZcvzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTOAU_Q3KNdzAB4Rakmczf4UUO8MKTCYizfprWnJDaOgj30eJIlKmaulp2STfv69cSuhdO5EHYJDPHAjTJGvQxolbvPC07IiqMT5piI4EBt1Ar8F9RSVOwbciRjzwJxCjGdZmEoltxvE7YhkZYjkhQjgrn_WnSBrJVBEdBv5-q0yd49IMniO8pU5FXRepjaMKN0FYwr8bvOr3gdys8FX1kqRObNW7DipXiuPTbJk21B9IeA8HMpnFV0PU-hbKe68azgqI-m7rFmUuC0OGDTZkddgAbDxdWb1sCXj9oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNGo_ZHg-oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3JwD44VD5znNIBGLyNLIzACV99ug%26client%3Dca-pub-8284964903038795%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8e3d9c041321f05ab44f012401a84c6537cf3405f449847b8de923ccd5cdcc79

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 09:34:56 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=5Vq_3TVY8Nxyr4FcweokB4RJJnybxpIGPti99UPEc-5k0G4W34yWrIHWeu49pxSPsNNxUl80mKnHVdjp6kN0FyEzIhh-7k_raOJGjEgCyM_UTQEzoVwCNe8NMo2G9v9dKaWdVZAdA9FDUIr_D3DOOAN8DSiVRCkI5u8fHaOASPyRClOd8JpI-TJ15G05aOz5xX0o24EGoeEMxB-L1vHyU7ZHJXahoLRk80Wi-RELEpIlPc3BcIQWhhGhAuGVWEB4bYjqFA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 12572403
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D42A 3 KB
1 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:33:12 GMT
content-encoding: br
x-content-type-options: nosniff
age: 104
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 09 Feb 2024 09:33:12 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/ Frame D42A 20 KB
8 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240122/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Thu, 25 Jan 2024 11:59:51 GMT
content-encoding: br
x-content-type-options: nosniff
age: 77705
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8492
x-xss-protection: 0
server: cafe
etag: 9878124937798820110
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 08 Feb 2024 11:59:51 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D42A 205 KB
65 KB 133ms
114ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 66337
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1706100845105677"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 26 Jan 2024 09:34:56 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 69E4 13 KB
5 KB 22ms
20ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dvd-recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 76856
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 25 Jan 2024 12:14:00 GMT
expires: Fri, 24 Jan 2025 12:14:00 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0F05 829 B
1 KB 83ms
33ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b10790bab1f6dc14dd9aa0a3b17285a134834edbe2130d410cd14df3227aeb7d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ZPNsik8pdc8YvUqeb9QcDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.dvd-recovery.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-ZPNsik8pdc8YvUqeb9QcDg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 26 Jan 2024 09:34:56 GMT
expires: Fri, 26 Jan 2024 09:34:56 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame D42A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9c37aee067e91dd0bf77df28d14e094061aed024c5648f84b7534c6242d55d87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js Show response
pagead2.googlesyndication.com/bg/ Frame 69E4 39 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/IHSjRKKj3q_1Pt3c2sGWHmUCy_Bw5n5yhKh9CWyZSw4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 05:47:54 GMT
content-encoding: br
x-content-type-options: nosniff
age: 13622
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15219
x-xss-protection: 0
last-modified: Mon, 15 Jan 2024 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 25 Jan 2025 05:47:54 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 4C50 2 KB
1 KB 132ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-ckHg6P4AAK_MKg1hQ2tYnln3ADHKQ&u=%7CPLqpqXvL8hR38Kbfnirg0LjhDXrPCUNkvtplZmyHcEA%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdqPjl60z0VhODKhST4OVMLbaNhzG9HDFK49z0136XXoxmz1m9zD_YGhxBcwlg7IyB-hE4om50OsNc6otqe70cCcfevRXQbD4-BvSwTdKaLwD5rgwcEmUaH5ueEtWQOi2d7TbJruD7zqIDUuBag4mW8NG2w39Q-EEIY_oNyOSEMYfn0lDUhJl7mz88dVSHldgU_k3uTVauimkj7pFiLy4B-_GxlXQiBicBTYcBpOPpq1RiA_MdEJZCiB-6-hipj8KVhNEHx1Q5erV2VJu1rHLGX-IMq4IdY1GBxqK_CfYcrGQ0f_3MmdgSUBjsFi3-FGAUqBRDTOcuFFrII1JMP6nCxMKKQxx-1U88j7akJCHHKcYpIsoau8g71vehlU9ItvpdElW5euS46Llit_JvZw6bur_Itn02GlH0K2h-kVBKJ82l0H-fRtFt_68mRcuHKYhcixBKSPIULDW-NFTu0EJxMLFBZxt0on039JvHoSJg9m4AndxDE5IJp5MKKHG5FicaQl0PDQJnMkR5lB51wmSZX5khzihv5vskiYhfbIvycbeVQDw5mbVUuc15DbAqX9nXSyYmo8XCR6Hilety7Mtem3wvhJ_vO-RA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCL7sOv3yzZcnzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTNAU_QfEq_vzMB9U2qMX6wxBdTgY7q9V5oYyI4GtB6FnZlWBKc2LOEnSiva8j0e3SiAE__lDxY7PeRIdHVLWgk7TqfmNTFQL-6GotdRYPxT5W3Nuz673ZXkKOP9QHdMeCzk98CEr15vjHqaoyIAxVFar-PVHtkFHSrpWIahVoDrazfdQXxXMFqAosMmb7SLKX3SE9MU6mx_3pRo4q65jmqzu9dnHTMLDYHmpjnpYOLznQoFfV6Ow5an64JuS1j-puBkY1MLvUgVdBPMmbAT7mABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0aj9keD6gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2x9JbtmN_1dYv5cedfUhSszduUUA%26client%3Dca-pub-8284964903038795%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 4C50 2 KB
1 KB 163ms
72ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 4C50 308 B
637 B 124ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 4C50 293 B
621 B 125ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 4C50 43 B
348 B 90ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=tuuczIC2kk7Q95mSxiJHnKBonD69_Xn_xC7OXeYFtKt4DaG2lM5qrDMxO7Lk8ZgwAZyftztbUA9xh-nbBrh3pndnjosszTuhqELz8RXAS3_e7Ng82yvFOcoOi6Vc298S96vzYhanjeaZ--GnA1p2hR-nShPbXVebpai2SaamA0LTlLa0eS4s53s4wFHh0JhWy99Ug5MEArHh-5unc2KVz5UHsZwzNaKV6uvov5sZVcjDIk-o-hlT3VVZB58rfrpL5jdis8m_a-rUYH1p4jBUrJgjU7AzU5tHJ_pen1FKld5Y4OyS6izTC_i0SvCW3FsCGczfC_arhg1QoHXDt4gbUtH6bwV038kO6DAFBLqO9Z0veV1HJfebESsXtYGrlsLwyZCemyndzhpBm-D93Hc34iG7KwrXYH_1cLMiGnZLloBICmijNf7iR1RZgLNasI37cb00Kg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1502754
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 0F05 0
0 52ms
52ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240122&jk=3616878921355369&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 4C50 12 KB
6 KB 60ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4C50 0
128 B 114ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=4wgxzjVY8Nxyr4FcNBzmw4y_ZDKA0dM7Yv6yZ3VQlHbYS7QQ3cCLn84oXAUHEwkLfcGZkPwOGNehKyNSegg4NCLyMEoCiIqUKv-LxU0vwHsLiEqYsX66yfEO89h_Jx6ORE6h8Ya3RGQaJQyiP8ExBlOtdhhW5PK43u-KfX978AjJ2zE4dxzSwcRk1n6HGzFtDRRKhHPfIyn3VGneL7koU-_ihqQ1vJNaQ1lkFa8nJhh2pQz6cIZJMq-NeRM-C7JVvheUOw&sds=2&rev=90371&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 4C50 2 KB
1 KB 84ms
71ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 4C50 2 KB
1 KB 72ms
72ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1F2C 2 KB
1 KB 45ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-csHg6P4AAK_MMtu1wbR7W-ucNYCwA&u=%7CPLqpqXvL8hSPAV3AtGsMAFVvprtNP7Yodif19MJKjEk%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUG2JILUkurhSkBmqMNl2IWHL9APLQJ6z2MBXjcXbJi6-92RavIlt9_S9kpl2iSpH5r2uPV9FB5QZPTFusYKzdHdvio7qjuMQmsTJsPgSEIntxxsVMtx_JfBn1a1eNdFsi1wC4-8_okZ9IIvdfUgTVccNo5wBKGWFfpVCPaozvYJBZdfoq2nddczOxS0QvqwCfkvyDErlyruABc9bf9UNYTblZVf8vYNS_zYM8ravOsFZW0rX_79F88y0hfUaKnEyYBnCMEZRQqN5hCW-Gt3edDT8q6DlhZzuywWYoeU4I8rfp34yjrY9dMymf9huaDpuxXVw7B6WX595v8l2N3xrpjZohaz1aEr0BcdpnyWAAnWKBeYVlBGT0mCplFZNJDWleuO0pzbMcUmfuM_fetxCeyynBaOl5Nepk4iJEmlRHKQPvpn8t1Q5b3qfuYEPoLFESWX4vZT-mX3acuo0a5L6WVzxwDaFDT9v2EmOdEcWUdyA0jv9vgVsSamsfSfG-5YfBzPKlzv5J58ameJvNZ42vtTKAMHNsmCN_3rWx90TQ7fYdxlyoKA-AhbBRr_xHy_kp--VPoOk1cbl3polg5P4wVbJ3bHnIYQrbha9t_UHg2r05TuNVqaqYgtGeTWSlje8fyjfUJuYDQGA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC26ZYv3yzZcvzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTOAU_Q3KNdzAB4Rakmczf4UUO8MKTCYizfprWnJDaOgj30eJIlKmaulp2STfv69cSuhdO5EHYJDPHAjTJGvQxolbvPC07IiqMT5piI4EBt1Ar8F9RSVOwbciRjzwJxCjGdZmEoltxvE7YhkZYjkhQjgrn_WnSBrJVBEdBv5-q0yd49IMniO8pU5FXRepjaMKN0FYwr8bvOr3gdys8FX1kqRObNW7DipXiuPTbJk21B9IeA8HMpnFV0PU-hbKe68azgqI-m7rFmUuC0OGDTZkddgAbDxdWb1sCXj9oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNGo_ZHg-oMD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_3JwD44VD5znNIBGLyNLIzACV99ug%26client%3Dca-pub-8284964903038795%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 1F2C 2 KB
1 KB 82ms
72ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1F2C 308 B
636 B 39ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1F2C 293 B
621 B 35ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 1F2C 43 B
347 B 29ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=DEXo6jB1UhYGORVNMMEja6YTAX52obP2m3VXOPOptGP7-0BT9fnv9jKUh3xRuJoN_k-3D0Ifm2sJn3NuSYRSGFIDRnNFN4dPm4csaCvHueDp_nSoNG0vx3fnhb4zn2VFbPGHUJ1lMvmgl8jN83s-b4d6H3iEYOHMu7KYpO5d97tsdo-zwygNseCraHDBelPlCQfGdifrq_pwLgRSMUPnuLviTEdxsk1dFDpITcoQvopGp3s_yM5pSgQcvkH6Licjqfm5KTXNWjdtvj_0T1AGUF96rN6mPGVLXXkGRso6Sn2rd2dehtl5Mzii-MvRBeP3611GjmLzbtwVCUX7KyMm2kuoXh-UqdI4doQKW571OJFhmc265Q2w9z_FOCDId06W-5p2x6PW2hyiiTbsDE7nPDAFJ-omfuR5JB9gUcO8jQ7EBnSmYOrDVNqXXbGUrxliW3HWaw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1615840
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame E363 2 KB
1 KB 35ms
34ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZbN8vwAF-coHg6P4AAK_MKmNmJgsgP0Q0YIV2A&u=%7CPLqpqXvL8hQ9vmo6ujY%2FG1it4Ivz3sdZiKGK75xO6Ik%3D%7C&c1=0n2XosTo5ckbeNFvq0zVIcsyhyT3WKD0PIixkNz--ZUETQtbu7-RuG02-JTbIw6iQcfCEIzTmgN28ygJ6EDhxdqPjl60z0VhODKhST4OVMLbaNhzG9HDFA_RW_KxeHC34sT493_CR8nhVBvjCSYh3VvBw9bc7Z90sH1R6GAENSlENZrcXL7GytDTsu0q2OZzoDj_E4HJzHO5nRKFW-gL80Rl_h888Lk-H4sM8h49--RpChDQkQ5wAfjFRkcO183KQNEwl1OjwHzRMhinpYkQCXZeXZMHlMiKMKQKyjzXhLKqW5a0tBQeAJRe2bVqFmyq8tTt-30XyD079E6p6iFBd_cPqTGuKxXL-JEN0anHg6Z1Qzw2q-aUkB0GIV0Lnp_nEG2l2YxXG6ZQ3VoZAK-UCmYHdxdsK8RKfWGUhsb8Zi_hhKyk6RTcqcs0vHOhB1GqgDMS7Vdn53jnTsLnskcTt2utQMoTZ-JTbheIWfVOl7mT_EjGEO9ZE0PcEaPoLUyEyMwFpJMxePP0HkYZIsTbotvYx20p5V-VPO5GQJu4DeyYfp_ppSyxdf6J_8qXyFwCGE7ZDxBn9-eiK69k1p-z-sHkZzs0OR6zBC93UPuHfIDQZ9gAGonvp2hqrIaEnQoQohpjfuYNbNCI-Ky0_w1eGBtBcvn31Bc2bSlYILS5PHg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCnLJwv3yzZcrzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTNAU_QPnKAnMc7H2NMoyOoi7aYoNbqS_2fNhZHqQeSedzIT-3zNRytobRPNd3ar0q9T3YsKlOxRgVq39gxM62t1FuB2VajMvqQIt-kj9LmnSuI01nZ44vJ4fdvaON5JGN9Sr_DU3ocexlhV86fn4ApzXJMNInkkJm1Hd1ms5JqnoIaKi7wwY5bRi9zNHeNfpmNwAvg7pl2crYHznwHy2yFKBcuq35CI307ZnHJLqXg3VmHrDJiR8us0KIZVB2NbX7H-vTsfmf4pc_U8MOjamSABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0aj9keD6gwP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1JLM-hUScg-8f0tV02890F7hH5pw%26client%3Dca-pub-8284964903038795%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame E363 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame E363 308 B
636 B 37ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame E363 293 B
621 B 36ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame E363 43 B
347 B 30ms
29ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=pX3BC4C2kk7Q95mSxiJHnKBonD4QR7DM5wXND4NzSJebX360hum3ISitbhQV0aMwbKbvSFXbekVhxrtl-zmzvf_rMzYbuwSNavJ7syDLLfDCSRxEpo_qG7gqs4Wnv357CpOnaLFAJCEsfcnAjlKlBBQH_X7nBU0srD60f26zJ5lul-6Ea2eW5u84LjMJSz-13A-bPD_VCkV_8yPXhB6qiaF7KfPIi7IZAVbmrb8ufHcfjjgYOs-HjfM2WsS5XjGfrIXKawQbo8PDdaehnm1sCsKdNwAM7vqU3xgNL7GCwm-yyFq8me-ilUkMHeeqYE10_2uzBBnFelw4NY86bTCNpAyewxx3rilKoUygElkdn7wpHGJikyKxO9NhGGQazVqO5nKf5-I4VqcU9r9ZC2qaojoUtsyl6-_AkphSpJzJapq3kkUz3HfN8eY3ebGaoPsBhvBOxg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1548269
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 69E4 0
10 B 24ms
24ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?pL9Gkw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1F2C 12 KB
6 KB 42ms
39ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame E363 12 KB
6 KB 40ms
40ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 1F2C 12 KB
12 KB 115ms
42ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=109926&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109926%2F5172544%2Ffebfcd3d178940e1a6c3d512d908ba5c_231121_dgj_logo_bild-wortmarke_criteo_growth_levers_1200x1200.png&v=3&w=402&rid=4&s=MjIBrlLMNWC9pVVqjdxh1cgB

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5e23b960cc0af0f79d51711317bf53f554f42c28e0d0e0cafc5acf748b0f24c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 12414
expires: Sun, 12 Jan 2025 09:47:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1F2C 0
127 B 44ms
42ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=5Vq_3TVY8Nxyr4FcweokB4RJJnybxpIGPti99UPEc-5k0G4W34yWrIHWeu49pxSPsNNxUl80mKnHVdjp6kN0FyEzIhh-7k_raOJGjEgCyM_UTQEzoVwCNe8NMo2G9v9dKaWdVZAdA9FDUIr_D3DOOAN8DSiVRCkI5u8fHaOASPyRClOd8JpI-TJ15G05aOz5xX0o24EGoeEMxB-L1vHyU7ZHJXahoLRk80Wi-RELEpIlPc3BcIQWhhGhAuGVWEB4bYjqFA&sds=2&rev=90371&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1F2C 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1F2C 2 KB
1 KB 41ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E363 0
127 B 37ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=ZZjA0DVY8Nxyr4FcidF4t_dSUzNL_ufe27sBY6H92SvaAC0Ev2ZBDPmUOLI_CfDHn3lvpzMxZtlWzlPP1XgfHb_8Pt9oX3smN_qklE0PLY0nfimIKifA5xQkE0ct12Bes9h2qbvR6ttOMSwLY1xoigW1PeNDTTMoKZpaFbWv00XXdZWY-RzP8As9hdA5LIZHaf_dGExQ9Y3mxbH1DyH0xwq4OTEKky6qYLXQZXgXXD3MP79TtTfzDrxD77IJpsBmFq-yIw&sds=2&rev=90371&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame E363 2 KB
1 KB 35ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame E363 2 KB
1 KB 37ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 20 Jan 2025 09:34:56 GMT

GET
DATA 200
OK truncated
/ Frame F4FD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf7e90c76a71268b42f0c50dc3a4e4e91208ddbdb44bc7512bdc0a9876b281f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame F4FD 0
23 B 62ms
61ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVg2wv3yzZcnzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTKAU_QfEq_vzMB9U2qMX6wxBdTgY7q9V5oYyI4GtB6FnZlWBKc2LOEnSiva8j0e3SiAE__lDxY7PeRIdHVLWgk7TqfmNTFQL-6GotdRYPxT5W3Nuz673ZXkKOP9QHdMeCzk98CEr15vjHqaoyIAxVFar-PVHtkFHSrpWIahVoDrazfdQXxXMFqAosMmb7SLKX3SE9MU6mx_3pRo4q65jmqzu9dnHTMbjQmCBh0db4tHlPymdWTnwB9lRgDlzXhTlO8N3_zMNk4zRrbEo-ABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0aj9keD6gwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODI4NDk2NDkwMzAzODc5NRgA&sigh=dZE5LbwIygw&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_xlVA8ECVfMdzKVJqXE1FzaUImeDNTBgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 Jan 2024 09:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 09:34:56 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame F4FD 0
126 B 112ms
36ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKGoGcz6RMgB2ASdg2ICAgAAAIk90IAphyHnEL98s2UiLmWwmkFkAVGcAAASAAAKCkFRVUJBUUVCQVE&wp=ZbN8vwAF-ckHg6P4AAK_MKg1hQ2tYnln3ADHKQ&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 131346
server: Kestrel
content-length: 0

GET
DATA 200
OK truncated
/ Frame 5305 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5505d305fad094d32e08bf6f33ec64f72bed871c02253f616c9f3961e010943e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E363 10 KB
10 KB 56ms
55ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=210&m=0&partner=109926&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109926%2F5172544%2Ffebfcd3d178940e1a6c3d512d908ba5c_231121_dgj_logo_bild-wortmarke_criteo_growth_levers_1200x1200.png&v=3&w=340&rid=4&s=XFuXyrU_wzz40R9-b3_VsHn_

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

157effbda99b22ff096382c7149465b976e9654ea806d6503381e1b370547799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10484
expires: Sun, 12 Jan 2025 09:47:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E363 83 KB
83 KB 69ms
69ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?m=0&partner=109926&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F109926%2F5172544%2F75534a10bc444ebc9f598fa5a51a8b0b_231204_mf_dgj_4_abnehmshakes_v1_criteo_growth_levers_2_3_.png&v=3&rid=4&s=TF6gDsyhp40e4EShKbmlkGGo

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

170c8a1845de0e217db18ce4badda09bc3e711daf6e7d01001651b98ee00c6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 84682
expires: Sun, 12 Jan 2025 09:59:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 5305 0
23 B 64ms
64ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cb0gDv3yzZcrzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTKAU_QPnKAnMc7H2NMoyOoi7aYoNbqS_2fNhZHqQeSedzIT-3zNRytobRPNd3ar0q9T3YsKlOxRgVq39gxM62t1FuB2VajMvqQIt-kj9LmnSuI01nZ44vJ4fdvaON5JGN9Sr_DU3ocexlhV86fn4ApzXJMNInkkJm1Hd1ms5JqnoIaKi7wwY5bRi9zNHeNfpmNwAvg7pl2crYHznwHy2yFKBcuq35CYX8a9PFa_phGDX5dIBKL48WL2hQTegUP2bb6XAZTYEvgPQVA0CqABsPF1ZvWwJeP2gGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggdCIDhgBAQATICqgI6AoBASL39wTpY0aj9keD6gwOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODI4NDk2NDkwMzAzODc5NRgA&sigh=r0ZfMyhWJZM&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_xlVA8ECVfMdzKVJqXE1FzaUImeDNTBgB&cbvp=2&vis=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 Jan 2024 09:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 09:34:56 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 5305 0
125 B 92ms
37ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKGoGcz6RMgB2ASdg2ICAgAAAIk90IAphyHnEL98s2Vu0TpApDu2a4QsAAASAAAKCkFRVURBUUVCQVE&wp=ZbN8vwAF-coHg6P4AAK_MKmNmJgsgP0Q0YIV2A&cbvp=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 120917
server: Kestrel
content-length: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C50 10 KB
10 KB 112ms
111ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

157effbda99b22ff096382c7149465b976e9654ea806d6503381e1b370547799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10484
expires: Sun, 12 Jan 2025 09:47:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C50 83 KB
83 KB 112ms
112ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

170c8a1845de0e217db18ce4badda09bc3e711daf6e7d01001651b98ee00c6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 84682
expires: Sun, 12 Jan 2025 09:59:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D42A 0
23 B 63ms
63ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CleZPv3yzZcvzF_jHjuwPsP6KmALJntKxXJXJlPdwwI23ARABIABglYKAgJgHggEXY2EtcHViLTgyODQ5NjQ5MDMwMzg3OTXIAQmpAuejGO2JL7I-qAMByAMCqgTLAU_Q3KNdzAB4Rakmczf4UUO8MKTCYizfprWnJDaOgj30eJIlKmaulp2STfv69cSuhdO5EHYJDPHAjTJGvQxolbvPC07IiqMT5piI4EBt1Ar8F9RSVOwbciRjzwJxCjGdZmEoltxvE7YhkZYjkhQjgrn_WnSBrJVBEdBv5-q0yd49IMniO8pU5FXRepjaMKN0FYwr8bvOr3gdys8FX1kqRObNW7DipTqsHKRJAL18UlenKv8JdfF6GkUXZomicxgolSlUUa9KSnh-rEA6gAbDxdWb1sCXj9oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIHQiA4YAQEAEyAqoCOgKAQEi9_cE6WNGo_ZHg-oMDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTgyODQ5NjQ5MDMwMzg3OTUYAA&sigh=zl4TZdyOXLs&uach_m=%5BUACH%5D&cid=CAQSGwAvHhf_xlVA8ECVfMdzKVJqXE1FzaUImeDNTBgB&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Fri, 26 Jan 2024 09:34:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 26 Jan 2024 09:34:56 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D42A 0
125 B 70ms
37ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKGoGcz6RO0HfJ2DYgICAAAAiT3QgCmHIecQvnyzZXbIR9Nr5GoQVgEAABIAAAoKQVFVREFRRUJBUQ&wp=ZbN8vwAF-csHg6P4AAK_MMtu1wbR7W-ucNYCwA&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 149641
server: Kestrel
content-length: 0

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E363 10 KB
10 KB 93ms
92ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

157effbda99b22ff096382c7149465b976e9654ea806d6503381e1b370547799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10484
expires: Sun, 12 Jan 2025 09:47:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame E363 83 KB
83 KB 37ms
37ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

170c8a1845de0e217db18ce4badda09bc3e711daf6e7d01001651b98ee00c6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 84682
expires: Sun, 12 Jan 2025 09:59:47 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C50 10 KB
10 KB 48ms
48ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

157effbda99b22ff096382c7149465b976e9654ea806d6503381e1b370547799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:56 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10484
expires: Sun, 12 Jan 2025 09:47:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 4C50 83 KB
83 KB 36ms
36ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

170c8a1845de0e217db18ce4badda09bc3e711daf6e7d01001651b98ee00c6c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

date: Fri, 26 Jan 2024 09:34:55 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 84682
expires: Sun, 12 Jan 2025 09:59:47 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
55ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240122&jk=3616878921355369&bg=!iYqlisXNAAa8BdJLnAU7ADQBe5WfOEEyGGALFUIgPrP6jTbnNaXW4W1eWVbWJ-zcJ0CHiN3C-sDGO3piblU3rRV56-iGAgAAASFSAAAAA2gBB5kCzGg2KNfjsgwypRM5D4pKA8K6iX0D5t7wrVRdxy6iewo08hzUbeIPSEzql55L1sWcYCKdJFmKDTyDYEEmxf_1ufA4MBWqL2kCLqj_2LJTYuh4EmSBpjw0pRjyWXJZ6gjiLP9RRZ3SMBCQ4Sshs_HPIxhNirBPATCM0yR1pKnDFZ5pLbqCL2aS5AyppOD8ZwGei0IqM4TWSEgA7zW9Y8x-P-1GYjaRY4hsRFoYSLZcaD0Mwytbs1BSkVWs3oAPTVDlRdg4pDTY1LhN8rG12Hmyy6H9oWwAtDEjmMK21vqUNFSV-2lULvpKcjzvE2cXW75FjaMSMZYdazTrMLcA7eAuC5LSI_75OTTqbm3FvDmYoHsHLyfz0uUzNAZfPFvjoaXa-JsP-e6OGW0ae54EkEmAWWMBry3TZ282vfeq4YlfxfsbJYiHHLn4uFD1vFGk8HivHYUNUaqQaPLVQt47f9x4uKsDcJzlPBAcU9hHs5yGyAul4aM6GHOfPZRTMaNQTl1D3Y0knwiCmGwaSWN_N7vpBrXxLG70ReQhf04Y-QzKL-M_lC4YnCwCnmPnP5pK0YzKNBtc6Y_sUPBjtg_pNbX4WkFhE4-Ivx8zyRk3CViaAqKC2QqxgybGVHvyZlOiDERsFuK6_6kz1sSmGzAMeBXOqeYy57vfL2FaE5Tc4_d1h3FKFBQBl9vBzMd10D_GwSHvtUom7BYfSWgksILroid1SD5BNsoYtI6XQMxqwHvGCrG9pNJAlowti1zFtWG3udFNvJUOrZUUFOUmUTVVNJJqOz6gPk-JWT0CwpDtuK7D6XbMGEwlWSrB0qGs6Oi-8ymW7DDo-xLWmhhYKJLZOJW5Ym8LYVK2Sh2v1QxVmC7lNjLBkwq59USVt_Jcx5SjMWW0ZxVqnIIxFBHEulfj7MoEKZw1axbNK-qlmal9xtYgv3qZ0QcgEnSMJ_5HRMb-
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.dvd-recovery.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame D42A 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvvjUiJivuQulHSVkQdVQS1-zrzp1vvxFth0W7i7B-sdILHnfemyI7WwaGdTh64MMhTo6bO-1ZYxfeIbwuM0hE471sSKzqsB8sfH-Yj6XJKzX4lalqg&sig=Cg0ArKJSzB7i2DrIYsVHEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=140,823,1000,1075,1075&tos=140,683,177,75,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170626169600&rst=1706261696120&rpt=320&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4FD 42 B
64 B 126ms
126ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssyRSeUEachGDiZL60i7zcnTeDBrUyUnN7MQZAoXBtdG6zPgFQ5HBoKeNYdedN1cqQ9kbv0pkbSxRbyYTwlpS-zz31HjWZSlT3zPR8KXuttFYwMhgTd&sig=Cg0ArKJSzDjECh85VOqWEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271803&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170626169600&rst=1706261696116&rpt=239&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 4C50 0
127 B 37ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 Jan 2024 09:34:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5305 42 B
64 B 164ms
128ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsunr3go1spjdRXcgaTFLpGva41Nqpe-omS02YKyOh9RQgww_p8J7vaX1y7laLO808Z9NjTJ4Y8daFrV2SberFxdUuKpxjKttQFaCwADqWEKmq81su20&sig=Cg0ArKJSzLD6OWDTGoMeEAE&id=lidar2&mcvt=1000&p=0,0,600,200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240124&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271804&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170626169600&rst=1706261696119&rpt=290&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 26 Jan 2024 09:34:57 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame E363 0
127 B 160ms
126ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 Jan 2024 09:34:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

POST
H2 200 all
csm.eu.criteo.net/ Frame 1F2C 0
127 B 37ms
37ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.6099.224 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 26 Jan 2024 09:34:57 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

35 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-21 03:19:17	Name: IDE Value: AHWqTUmzOe6MkivXfD9iTu9O0V3OOpyV4RGYnZj9r8DrIj9pFW9w7BMkv__NKyV3Kwk

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20240122/r20110914/zrt_lookup_fy2021.html?fsb=1(Line 17) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
csm.eu.criteo.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.dvd-recovery-org.smart-projects.biz
www.dvd-recovery.com
www.google.com
www.googletagservices.com
104.193.109.63
178.250.1.6
2a00:1450:4001:802::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
1208f0421d29197225a22fa0f6d8ceeea24b055234cc707492b00d8c8fdfebd7
157effbda99b22ff096382c7149465b976e9654ea806d6503381e1b370547799
170c8a1845de0e217db18ce4badda09bc3e711daf6e7d01001651b98ee00c6c6
1fcab795411fac2ef4fe726fc3ee3ad3192ff76a846fa3b28616b3b6e61fae83
2074a344a2a3deaff53edddcdac1961e6502cbf070e67e7284a87d096c994b0e
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3411d38829ae029f7e1354c21afa25c13bfa1146f49c1e825807a7522ecb6494
443cbacf2fb3a724451941ccf2264df8b866eaa34db10e166356109755e908b2
479c99317b6f9a2bdd44f0c7b6e747092a416b708ed9f41461b62add82e39a7a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5505d305fad094d32e08bf6f33ec64f72bed871c02253f616c9f3961e010943e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5e23b960cc0af0f79d51711317bf53f554f42c28e0d0e0cafc5acf748b0f24c1
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
810a3c755d372db87f4e9a650227256d9e559eed5d5cde0b3cf1ecdfac5304bd
8e3d9c041321f05ab44f012401a84c6537cf3405f449847b8de923ccd5cdcc79
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
9c37aee067e91dd0bf77df28d14e094061aed024c5648f84b7534c6242d55d87
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2c1747d7c3549d5184ffdcfacc1c1db89f829d34b078b84274d59c5e637e3d9
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b10790bab1f6dc14dd9aa0a3b17285a134834edbe2130d410cd14df3227aeb7d
b760e2e738833e091aa1fbbbe70586a67071187c04deca59d1743bcf480ff614
caad01cc49910afbc99f8fd7b9979bf3aefeffc2671b5b64c668a0c1c7f6015a
cf7e90c76a71268b42f0c50dc3a4e4e91208ddbdb44bc7512bdc0a9876b281f6
d58acf16b5e4521c9eb24fe9fd97308e5f8be1297e4b63a547e5b610611799ae
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

www.dvd-recovery.com Open in urlscan Pro 104.193.109.63 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

77 Requests

100 %HTTPS

83 %IPv6

8 Domains

13 Subdomains

13 IPs

3 Countries

1101 kBTransfer

2491 kBSize

1 Cookies

8 Outgoing links

Page URL History

Redirected requests

77 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dvd-recovery.com Open in urlscan Pro
104.193.109.63 Public Scan

Screenshot
Live screenshot

Full Image

77
Requests

100 %
HTTPS

83 %
IPv6

8
Domains

13
Subdomains

13
IPs

3
Countries

1101 kB
Transfer

2491 kB
Size

1
Cookies

77 HTTP transactions
3 data transactions