www.dnsqueries.com Open in urlscan Pro
151.236.220.81 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://dnsqueries.com/
Effective URL:
https://www.dnsqueries.com/en/
Submission: On December 31 via api (December 31st 2021, 8:30:08 pm UTC) from SG — Scanned from GB

Summary HTTP 98 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 25 IPs in 5 countries across 16 domains to perform 98 HTTP transactions. The main IP is 151.236.220.81, located in London, United Kingdom and belongs to LINODE-AP Linode, LLC, US. The main domain is www.dnsqueries.com.
TLS certificate: Issued by R3 on December 6th 2021. Valid for: 3 months.

This is the only time www.dnsqueries.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 23	151.236.220.81 151.236.220.81	63949 (LINODE-AP...) (LINODE-AP Linode)
9	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	104.84.56.126 104.84.56.126	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.2.138 178.250.2.138	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
11	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1	142.250.185.66 142.250.185.66	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
13	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::18 2a02:2638::18	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
7	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	178.250.0.139 178.250.0.139	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.162 178.250.0.162	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 3	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
98	25

23 151.236.220.81 (London, United Kingdom) 3 redirects

ASN63949 (LINODE-AP Linode, LLC, US)
PTR: srv030srv.erweb.it

dnsqueries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.dnsqueries.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 104.84.56.126 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-84-56-126.deploy.static.akamaitechnologies.com

s7.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
v1.addthisedge.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
m.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.138 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cas.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::18 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.0.139 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.par.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.162 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	dnsqueries.com 3 redirects dnsqueries.com www.dnsqueries.com	155 KB
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	242 KB
13	criteo.net static.criteo.net pix.eu.criteo.net csm.eu.criteo.net	57 KB
12	doubleclick.net googleads.g.doubleclick.net stats.g.doubleclick.net	66 KB
7	gstatic.com www.gstatic.com fonts.gstatic.com	138 KB
4	google.com 2 redirects adservice.google.com www.google.com	1 KB
4	criteo.com cas.criteo.com rtb.fr.eu.criteo.com ads.eu.criteo.com cat.fr.eu.criteo.com	50 KB
4	addthis.com s7.addthis.com m.addthis.com	141 KB
3	googleapis.com fonts.googleapis.com	2 KB
3	googletagservices.com www.googletagservices.com	110 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com	17 KB
1	cloudflare.com cdnjs.cloudflare.com	5 KB
1	addthisedge.com v1.addthisedge.com	207 B
1	google.co.uk adservice.google.co.uk	792 B
1	googleadservices.com partner.googleadservices.com	648 B
1	moatads.com z.moatads.com	1 KB
98	16

	Domain	Requested by
21	www.dnsqueries.com	1 redirects www.dnsqueries.com
13	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
9	pagead2.googlesyndication.com	www.dnsqueries.com cas.criteo.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	static.criteo.net	ads.eu.criteo.com
5	fonts.gstatic.com	fonts.googleapis.com
4	pix.eu.criteo.net	ads.eu.criteo.com
3	www.google.com	2 redirects tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net cdnjs.cloudflare.com
3	www.googletagservices.com	googleads.g.doubleclick.net
3	s7.addthis.com	www.dnsqueries.com s7.addthis.com
2	csm.eu.criteo.net	ads.eu.criteo.com
2	www.gstatic.com	googleads.g.doubleclick.net
2	ssl.google-analytics.com	1 redirects www.dnsqueries.com
2	dnsqueries.com	2 redirects
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.fr.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	m.addthis.com	s7.addthis.com
1	v1.addthisedge.com	s7.addthis.com
1	stats.g.doubleclick.net	www.dnsqueries.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	z.moatads.com	s7.addthis.com
1	cas.criteo.com	www.dnsqueries.com
98	27

This site contains links to these domains. Also see Links.

Domain
www.addthis.com
www.neographics.it
www.ilmioip.org

Subject Issuer	Validity	Valid
www.dnsqueries.com R3	`2021-12-06` - `2022-03-06`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
odc-addthis-prod-01.oracle.com DigiCert SHA2 Secure Server CA	`2021-04-25` - `2022-04-27`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-26`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-11-03` - `2022-01-31`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-24`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-12-01` - `2022-02-25`	3 months	crt.sh

This page contains 13 frames:

Primary Page: https://www.dnsqueries.com/en/
Frame ID: 944794D1FB7D8931C82952221029519F
Requests: 37 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html
Frame ID: 187CF6A856FDAD86E4899C897420D91C
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=7119715148&adk=3958737129&adf=450149587&pi=t.ma~as.7119715148&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603627&bpp=3&bdt=293&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=2197528699334&frm=20&pv=2&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=vFbepXNFpf&p=https%3A//www.dnsqueries.com&dtd=120
Frame ID: BEA9D2823DDE9CB7894ABE1B7774A463
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8686456886&adk=485201271&adf=3225903902&pi=t.ma~as.8686456886&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603630&bpp=1&bdt=296&idt=132&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SFnRcBDFwy&p=https%3A//www.dnsqueries.com&dtd=134
Frame ID: 0D651FD3126CC6C8299BD60F65B088B0
Requests: 13 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 3D25F3C8FA04A9D2897FD64C47C79B81
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 0A4547D312678369ADC8104D6F9A9C6F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8344438310&adk=1357928632&adf=1544664074&pi=t.ma~as.8344438310&w=160&lmt=1640982603&psa=0&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603631&bpp=1&bdt=298&idt=161&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=1&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaeE%7C&abl=CA&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bqS45lb49N&p=https%3A//www.dnsqueries.com&dtd=165
Frame ID: FD4257A480DDB40E96979E1DD3AD9982
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yc9oSwAM-rIK1coUAAZNCo6YxG9WqYt0XImdnQ&u=%7CTXc7ReArncb9NtGURMo1xjPjbCs6eUCbxuJxkE0b%2Fnk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiDTb8Ze7hyMlY3wVlQwbzOxdoBLRz5aFXt6y4bVDKTxbScCrTGowEnyimifG64hzyxz7_Jw_jC-rj8M0hiijeH9K3LRl_dBIuVhTrSkHS9qtD6wTuA7pA6K6uz2Z11NF_sA89Khtyvnaubjio7_vybd59ECZwa4es-_Sj8VYY9iB9io-fyDG8GwY6MlEq6zV8Xrdn0R7qdciiXH0CmfUkao0OYXEyR7hhos0lIjqFvVyplOkLbh1QuFk2XJ9OmgYKnNEPuan9qG2nHj60EewPt17I-r5HT7jRkHlUShPwDjuOXCmuvRtKaN4hiXnSDkAXdMK9fheUhA52erfti8lbAd3V0iweAg0N31ftioa_TdH225VGlCbD62q4d2Q9PbEmgri6VBT1InMA1oDtUae4-n5L2t6zVz91tsDyz17haxyhNc5IFlDY0EzFf7cl_JoUY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWgNWS2jPYbL1M5SU1waKmplo5I_SsVyvsP2IiAHAjbcBEAEgAGC7vq6D0AqCARdjYS1wdWItNjQxMTk2OTQ2NjM1MjcwM6ABvdSI6wPIAQmpArFUT-v6uLY-qAMBqgTPAU_QvPSAlrvOj4sfykewuBcvFqZwhNwfE_BM46XdeggYQrzyblaI2TtZGk7ocXYjNCllT4wrrWkNHGtPcw0VmvLOBlILUqtEoTu3q4FI997lU-3x0h1m_hXEBDOYUgTK4SVJEMY9Xxl1gOkp6y9lFWpHKkdzYSJSYAi9hlZnmhQ-y8SGro_GnI_YPIlI-sdFwR_e35JRFh2WrKRmkDCjv0gYxs2HUqGNy86kxYy-5VYb4DuFvwsSRJSgY_NHBwCSq_mgAGVkLCQ8llHHjT5WL4AG-cO0zfyi6eHCAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2DOOJtmsDGhUQbbYGr6B7e5IKvcA%26client%3Dca-pub-6411969466352703%26adurl%3D
Frame ID: AEA77DC0A7E2C9EEF877A74E3CDB2216
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 27ED9062EBED2C29DA141B0827B2DBC0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 7EE00130CA9AF116BEA65F2080F950DE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js
Frame ID: FE7671481F897D70931D49555F72B37D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 937B614F947839FE5D989B33575DE148
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EDBA1DCBB3517C25C364405A33FD84C7
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Network tools for every sys admin

Page URL History Show full URLs

http://dnsqueries.com/ HTTP 301
https://dnsqueries.com/ HTTP 302
https://www.dnsqueries.com/ HTTP 302
https://www.dnsqueries.com/en/ Page URL

Detected technologies

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

AddThis (Widgets) Expand

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//(?:cas\.criteo\.com|(?:[^/]\.)?criteo\.net)/

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

Page Statistics

98
Requests

97 %
HTTPS

67 %
IPv6

16
Domains

27
Subdomains

25
IPs

5
Countries

988 kB
Transfer

2315 kB
Size

15
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: https://www.addthis.com/bookmark.php

Search URL Search Domain Scan URL

URL: http://www.neographics.it/print-finishing/multifunzione
Title: Multifunzione

Search URL Search Domain Scan URL

URL: http://www.ilmioip.org/
Title: Il Mio Ip

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://dnsqueries.com/ HTTP 301
https://dnsqueries.com/ HTTP 302
https://www.dnsqueries.com/ HTTP 302
https://www.dnsqueries.com/en/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1379218926&utmhn=www.dnsqueries.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Network%20tools%20for%20every%20sys%20admin&utmhid=1777186095&utmr=-&utmp=%2Fen%2F&utmht=1640982603774&utmac=UA-112285-6&utmcc=__utma%3D128042073.1766974436.1640982604.1640982604.1640982604.1%3B%2B__utmz%3D128042073.1640982604.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1871385112&utmredir=1&utmu=HAAAAAAAAAAAAAAAAAQAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-112285-6&cid=1766974436.1640982604&jid=1871385112&_v=5.7.2&z=1379218926

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 86

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

98 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.dnsqueries.com/en/
Redirect Chain

http://dnsqueries.com/
https://dnsqueries.com/
https://www.dnsqueries.com/
https://www.dnsqueries.com/en/

56 KB
56 KB

1249ms
1249ms

Document
text/html

151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

37d4474256e24c3deaf55f3ea85c976918c8c2e56cab9f1466dcf4bc0c299057

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

Date: Fri, 31 Dec 2021 20:30:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8

Redirect headers

Date: Fri, 31 Dec 2021 20:30:02 GMT
Server: Apache
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=63072000; includeSubdomains;
Location: /en/
Cache-Control: max-age=0
Expires: Fri, 31 Dec 2021 20:30:02 GMT
X-XSS-Protection: 1; mode=block
X-Content-Type-Options: nosniff
Content-Length: 0
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

GET
H/1.1 200
OK cssenc.php
www.dnsqueries.com/css/ 22 KB
5 KB 32ms
21ms Stylesheet
text/css 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsqueries.com/css/cssenc.php

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

fba3416ca54fea2dd270b618915c2c4dbe20c28424074fed9746ab0837801604

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 31 Dec 2021 13:54:04 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css;charset=utf-8
Cache-Control: max-age=2592000
Connection: Keep-Alive
Vary: Accept-Encoding
Content-Length: 4644
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=98
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK prototype.php Show response
www.dnsqueries.com/script/ 134 KB
34 KB 54ms
21ms Script
text/javascript 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsqueries.com/script/prototype.php

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

9edf9a3dc72d5f54dcadfa360873976a90217540cbdefb4d448fa2d99783cc70

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 31 Dec 2021 09:57:25 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript;charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Connection: Keep-Alive
Vary: Accept-Encoding
X-XSS-Protection: 1; mode=block
Keep-Alive: timeout=5, max=97
Expires: Fri, 31 Dec 2021 20:30:03 GMT

GET
H/1.1 200
OK logo_print.png
www.dnsqueries.com/image/ 11 KB
11 KB 20ms
20ms Image
image/png 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/logo_print.png

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

0f087179a6701817d2812e762bab41a14fc3329e7fc9753170e04d664ba13254

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 11107
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK info.png
www.dnsqueries.com/image/ 1 KB
2 KB 21ms
20ms Image
image/png 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/info.png

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

915775223c8be90a7aaf112418261a0821ec0e23f9ee09fd85876eb6a9309152

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1102
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 121ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

42c4b1df69cbc485b2b8aeb0b6e184afe7e4218cc52943b3fcad4850d9c2937b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51761
x-xss-protection: 0
server: cafe
etag: 12495289506473202077
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 20:30:03 GMT

GET
H/1.1 200
OK print.css
www.dnsqueries.com/css/ 802 B
1 KB 23ms
22ms Stylesheet
text/css 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to

Full URL

https://www.dnsqueries.com/css/print.css

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

ecba82694d99a6fef23a95c651d9025380be76ad88d1afce62853947ebb03184

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: text/css
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=97
Content-Length: 802
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK gb.gif
www.dnsqueries.com/image/flags/ 260 B
734 B 22ms
20ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/flags/gb.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

4de3ba7104d2c09b0a66c63f2dee198836fcdba8579a404bc797ae95c99efdee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:38 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 260
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK it.gif
www.dnsqueries.com/image/flags/ 366 B
839 B 31ms
20ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/flags/it.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

d4d467cd2bcc7775ca5c044976372f4833305575eafd85b76dac4e1192a874e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:38 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=95
Content-Length: 366
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK es.gif
www.dnsqueries.com/image/flags/ 360 B
834 B 58ms
22ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/flags/es.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

048a252135ee5da45dcd64a8afb068f30a0509106c7bd86ba76078db4b34581a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:38 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 360
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK cn.gif
www.dnsqueries.com/image/flags/ 366 B
840 B 59ms
22ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/flags/cn.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

c2652b280087b6479b7703779da4be80b4c621edbf465e34f5e5314d8835a84c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:38 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 366
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK translate.jpg
www.dnsqueries.com/image/ 17 KB
18 KB 53ms
26ms Image
image/jpeg 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/translate.jpg

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

61f64597444ea4b4c2fdab3d42f7fcfe7c560a81b15345c6a6dab3df259ea14c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/en/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/jpeg
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 17739
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H2 200 lg-bookmark-en.gif
s7.addthis.com/static/btn/ 625 B
841 B 74ms
37ms Image
image/gif 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s7.addthis.com/static/btn/lg-bookmark-en.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

bea247983ca180be0fad113d757998a16d93d200715e45eb57ecead9e1e12f61

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-271"
content-type: image/gif
cache-control: public, max-age=86313600
date: Fri, 31 Dec 2021 20:30:03 GMT
x-host: s7.addthis.com
accept-ranges: bytes
timing-allow-origin: *
content-length: 625

GET
H2 200 addthis_widget.js Show response
s7.addthis.com/js/152/ 353 KB
114 KB 129ms
39ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/js/152/addthis_widget.js

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
server: nginx/1.15.8
etag: "5f971164-5834c"
vary: Accept-Encoding
x-distribution: 99
content-type: application/javascript
cache-control: public, max-age=600
date: Fri, 31 Dec 2021 20:30:03 GMT
x-host: s7.addthis.com
content-length: 116325

GET
H/1.1 200
OK pageBg.gif
www.dnsqueries.com/image/ 129 B
602 B 29ms
19ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/pageBg.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

7d5780c8c920e669d465de3712650a4e57c75f8a31b8bb9cde70d6b66be61486

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:38 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 129
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK span_tools.png
www.dnsqueries.com/image/ 407 B
880 B 28ms
19ms Image
image/png 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/span_tools.png

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

3ae5851fa64a3e3f9e33b06b228c7c1c9876e47b4697321bb2f1d352f01c6db7

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 407
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK pageBanner.gif
www.dnsqueries.com/image/ 2 KB
2 KB 34ms
21ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/pageBanner.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

bcbca911d56b5748ff17596104be8b295f6530bf3f2d7ff995e5a4305deed5b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:38 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=94
Content-Length: 1960
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H2 200 ajs.php Show response
cas.criteo.com/delivery/ 762 B
1 KB 105ms
31ms Script
text/javascript 178.250.2.138
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://cas.criteo.com/delivery/ajs.php?zoneid=109772&nodis=1&cb=13643931039&exclude=undefined&charset=UTF-8&loc=https%3A//www.dnsqueries.com/en/

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.138 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

020955fd3837dd877909c76cc028016841da7328966f541eed03a3f78724d550

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://www.dnsqueries.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Fri, 31 Dec 2021 20:30:02 GMT
content-encoding: gzip
vary: Accept-Encoding
x-powered-by: ASP.NET
p3p: CP='CUR ADM OUR NOR STA NID'
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 12482
strict-transport-security: max-age=31536000; preload;
content-length: 525
pragma: no-cache
server: Microsoft-IIS/10.0
access-control-max-age: 1000
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK logo.png
www.dnsqueries.com/image/ 9 KB
9 KB 22ms
22ms Image
image/png 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/logo.png

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

57df81f30bffd0cd0506f9c49928b51a62b29a10724967319232de51d3108118

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 9191
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK menu.gif
www.dnsqueries.com/image/ 206 B
679 B 25ms
25ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/menu.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

6e34fd0fb91254609b4f0c9697b530d43e08f7d6b935c9c13e9d4cefd7625938

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:38 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 206
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK menu_add.gif
www.dnsqueries.com/image/ 66 B
538 B 21ms
21ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/menu_add.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

3c3f6879bffc26777b976769e25ab82c17581dc558f43916ca557a2af8002b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:38 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=93
Content-Length: 66
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK headBg.png
www.dnsqueries.com/image/ 571 B
1 KB 22ms
20ms Image
image/png 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/headBg.png

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

8b2f0d7807e6bb0d085adfc4f082583c37c500fa1a2ac7bcc9d9cf57eb572b05

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 571
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H/1.1 200
OK shoulderBoxBlueH3.gif
www.dnsqueries.com/image/ 4 KB
4 KB 22ms
20ms Image
image/gif 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/shoulderBoxBlueH3.gif

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

aaf9e0e625d57bc97f1c0adb3967e8fea030c34f6a49f865f82b5cf81acde6ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 3861
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 moatframe.js Show response
z.moatads.com/addthismoatframe568911941483/ 2 KB
1 KB 140ms
39ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/152/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:03 GMT
content-encoding: gzip
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
server: AmazonS3
x-amz-request-id: D5503D14AA2F06AA
etag: "f14b4e1f799b14f798a195f43cf58376"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=60451
accept-ranges: bytes
content-length: 948
x-amz-id-2: JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=

GET
H/1.1 200
OK footer_container_bg.png
www.dnsqueries.com/image/ 3 KB
4 KB 23ms
23ms Image
image/png 151.236.220.81
LINODE-AP Linode

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dnsqueries.com/image/footer_container_bg.png

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/css/cssenc.php

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.236.220.81 London, United Kingdom, ASN63949 (LINODE-AP Linode, LLC, US),

Reverse DNS

srv030srv.erweb.it

Software

Apache /

Resource Hash

4eb47c68ac9077f1e280110c8fc3924c999530f327393a85d9ba70f246f814bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/css/cssenc.php
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Strict-Transport-Security: max-age=63072000; includeSubdomains;
X-Content-Type-Options: nosniff
Last-Modified: Mon, 22 Jan 2018 18:13:37 GMT
Server: Apache
Date: Fri, 31 Dec 2021 20:30:03 GMT
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=2592000
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=96
Content-Length: 3281
X-XSS-Protection: 1; mode=block
Expires: Sun, 30 Jan 2022 20:30:03 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 111ms
29ms Script
text/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dnsqueries.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4923
date: Fri, 31 Dec 2021 19:08:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 31 Dec 2021 21:08:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/ 276 KB
100 KB 54ms
53ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=pub-6411969466352703&plah=www.dnsqueries.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101736
x-xss-protection: 0
server: cafe
etag: 6975236974516728872
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 31 Dec 2021 20:30:03 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/ Frame 187C 11 KB
5 KB 98ms
29ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211207/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 31 Dec 2021 18:36:45 GMT
expires: Fri, 14 Jan 2022 18:36:45 GMT
content-type: text/html; charset=UTF-8
etag: 17731914101004188133
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4884
x-xss-protection: 0
age: 6798
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
648 B 119ms
37ms Script
text/javascript 142.250.185.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.dnsqueries.com&callback=_gfp_s_&client=pub-6411969466352703

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202112060101/show_ads_impl_with_ama_fy2019.js?client=pub-6411969466352703&plah=www.dnsqueries.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s48-in-f2.1e100.net

Software

cafe /

Resource Hash

89de23cd938277afae942b5e7141b046234b75ac3aab2e23b2b97086f9df8d68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 121ms
38ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=www.dnsqueries.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 20:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 109ms
38ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.dnsqueries.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 20:30:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame BEA9 89 KB
29 KB 381ms
344ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=7119715148&adk=3958737129&adf=450149587&pi=t.ma~as.7119715148&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603627&bpp=3&bdt=293&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=2197528699334&frm=20&pv=2&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=vFbepXNFpf&p=https%3A//www.dnsqueries.com&dtd=120

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7b07adcf2524db7ca534f18c4cca3b8b15d7ebe670098098dd65ed9319b8dbe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 31 Dec 2021 20:30:04 GMT
server: cafe
content-length: 30024
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 31 Dec 2021 20:30:04 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0D65 78 KB
22 KB 350ms
330ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8686456886&adk=485201271&adf=3225903902&pi=t.ma~as.8686456886&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603630&bpp=1&bdt=296&idt=132&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SFnRcBDFwy&p=https%3A//www.dnsqueries.com&dtd=134

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e8062457920f1f32edd09ab582a5cab162bd2369eea5a625d0b976d09d402b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 31 Dec 2021 20:30:04 GMT
server: cafe
content-length: 22266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 31 Dec 2021 20:30:04 GMT
cache-control: private

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1379218926&utmhn=www.dnsqueries.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=N...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-112285-6&cid=1766974436.1640982604&jid=1871385112&_v=5.7.2&z=1379218926

35 B
430 B

74ms
24ms

Image
image/gif

2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-112285-6&cid=1766974436.1640982604&jid=1871385112&_v=5.7.2&z=1379218926

Requested by

Host: www.dnsqueries.com
URL: https://www.dnsqueries.com/en/

Protocol

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 31 Dec 2021 20:30:03 GMT
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 31 Dec 2021 20:30:03 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-112285-6&cid=1766974436.1640982604&jid=1871385112&_v=5.7.2&z=1379218926
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 369
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 _ate.track.config_resp Show response
v1.addthisedge.com/live/boost/cybercox/ 27 B
207 B 239ms
231ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://v1.addthisedge.com/live/boost/cybercox/_ate.track.config_resp
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/152/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
content-disposition: attachment; filename=1.txt
cache-control: public, max-age=60, s-maxage=86400
content-length: 47
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8

GET
H2 200 300lo.json Show response
m.addthis.com/live/red_lojson/ 89 B
249 B 226ms
204ms Script
application/javascript 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://m.addthis.com/live/red_lojson/300lo.json?si=61cf684b243e2c16&bkl=0&bl=1&pdt=1593&sid=61cf684b243e2c16&pub=cybercox&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.dnsqueries.com&fp=en%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=1&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=dns%2Cquery%2Cqueries%2Cptr%2Creverse%2Clookup%2Cdnsbl%2Cdomain%2Ctool%2Cchecks%2Ctests%2Ctraversal&colc=1640982603786&jsl=98&uvs=61cf684b4b799c60000&skipb=1&callback=addthis.cbs.jsonp__50802108601959460
Requested by: Host: s7.addthis.com
URL: https://s7.addthis.com/js/152/addthis_widget.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-84-56-126.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 4130c3113578efc2523b4c4577dacd2ba2f650fcc16a21e87f3b237d4a03ce7d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 20:30:04 GMT
cache-control: max-age=0, no-cache, no-store, no-transform
content-disposition: attachment; filename=1.txt
content-length: 89
content-type: application/javascript;charset=utf-8

GET sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 3D25 0
0

GET
H2 200 sh.f48a1a04fe8dbf021b4cda1d.html Show response
s7.addthis.com/static/ Frame 0A45 71 KB
26 KB 32ms
32ms Document
text/html 104.84.56.126
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Requested by

Host: s7.addthis.com
URL: https://s7.addthis.com/js/152/addthis_widget.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.84.56.126 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-84-56-126.deploy.static.akamaitechnologies.com

Software

nginx/1.15.8 /

Resource Hash

7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/

Response headers

server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Fri, 31 Dec 2021 20:30:03 GMT
vary: Accept-Encoding
x-host: s7.addthis.com

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FD42 22 KB
9 KB 238ms
238ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8344438310&adk=1357928632&adf=1544664074&pi=t.ma~as.8344438310&w=160&lmt=1640982603&psa=0&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603631&bpp=1&bdt=298&idt=161&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=1&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaeE%7C&abl=CA&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bqS45lb49N&p=https%3A//www.dnsqueries.com&dtd=165

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee76b8806ea26cc81875137c4f340f1e45961c7b08bf8403bd9e69eb75a6b654

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Fri, 31 Dec 2021 20:30:04 GMT
server: cafe
content-length: 9411
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 31 Dec 2021 20:30:04 GMT
cache-control: private

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FD42 2 KB
1 KB 100ms
17ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8344438310&adk=1357928632&adf=1544664074&pi=t.ma~as.8344438310&w=160&lmt=1640982603&psa=0&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603631&bpp=1&bdt=298&idt=161&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=1&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaeE%7C&abl=CA&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bqS45lb49N&p=https%3A//www.dnsqueries.com&dtd=165

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:28:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 70
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:28:54 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FD42 119 KB
37 KB 130ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 31 Dec 2021 20:30:04 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame FD42 15 KB
7 KB 97ms
15ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:25:22 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FD42 0
0 93ms
92ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C3wVgS2jPYbL1M5SU1waKmplo5I_SsVyvsP2IiAHAjbcBEAEgAGC7vq6D0AqCARdjYS1wdWItNjQxMTk2OTQ2NjM1MjcwM6ABvdSI6wPIAQmpArFUT-v6uLY-qAMBqgTMAU_QvPSAlrvOj4sfykewuBcvFqZwhNwfE_BM46XdeggYQrzyblaI2TtZGk7ocXYjNCllT4wrrWkNHGtPcw0VmvLOBlILUqtEoTu3q4FI997lU-3x0h1m_hXEBDOYUgTK4SVJEMY9Xxl1gOkp6y9lFWpHKkdzYSJSYAi9hlZnmhQ-y8SGro_GnI_YPIlI-sdFwR_e35JRFh2WrKRmkDCjv0gYxs2HUqHPye82Fi5M4MXp76MG25e5R4Cq3_lpH9scMJ08odp6ADztEbvCHoAG-cO0zfyi6eHCAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY0MTE5Njk0NjYzNTI3MDMYAA&sigh=4iQsGEECOkk&uach_m=[UACH]&cid=CAQSGwCNIrLMTjtuJXygP90NmNK9sRhwEf874IGi3xgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8344438310&adk=1357928632&adf=1544664074&pi=t.ma~as.8344438310&w=160&lmt=1640982603&psa=0&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603631&bpp=1&bdt=298&idt=161&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=1&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1430&ady=106&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CaeE%7C&abl=CA&pfx=0&fu=16384&bc=31&ifi=3&uci=a!3&fsb=1&xpc=bqS45lb49N&p=https%3A//www.dnsqueries.com&dtd=165
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 31 Dec 2021 20:30:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 31 Dec 2021 20:30:04 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame FD42 0
0 137ms
43ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=UMvMEL_6RKABWof6VxgCAAAALroqoTDQ8h8QS2jPYUhkZPcqBTm486cSABI&wp=Yc9oSwAM-rIK1coUAAZNCo6YxG9WqYt0XImdnQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:03 GMT
server: Kestrel
server-processing-duration-in-ticks: 234925
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame AEA7 142 KB
48 KB 165ms
112ms Document
text/html 2a02:2638::18
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Yc9oSwAM-rIK1coUAAZNCo6YxG9WqYt0XImdnQ&u=%7CTXc7ReArncb9NtGURMo1xjPjbCs6eUCbxuJxkE0b%2Fnk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiDTb8Ze7hyMlY3wVlQwbzOxdoBLRz5aFXt6y4bVDKTxbScCrTGowEnyimifG64hzyxz7_Jw_jC-rj8M0hiijeH9K3LRl_dBIuVhTrSkHS9qtD6wTuA7pA6K6uz2Z11NF_sA89Khtyvnaubjio7_vybd59ECZwa4es-_Sj8VYY9iB9io-fyDG8GwY6MlEq6zV8Xrdn0R7qdciiXH0CmfUkao0OYXEyR7hhos0lIjqFvVyplOkLbh1QuFk2XJ9OmgYKnNEPuan9qG2nHj60EewPt17I-r5HT7jRkHlUShPwDjuOXCmuvRtKaN4hiXnSDkAXdMK9fheUhA52erfti8lbAd3V0iweAg0N31ftioa_TdH225VGlCbD62q4d2Q9PbEmgri6VBT1InMA1oDtUae4-n5L2t6zVz91tsDyz17haxyhNc5IFlDY0EzFf7cl_JoUY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWgNWS2jPYbL1M5SU1waKmplo5I_SsVyvsP2IiAHAjbcBEAEgAGC7vq6D0AqCARdjYS1wdWItNjQxMTk2OTQ2NjM1MjcwM6ABvdSI6wPIAQmpArFUT-v6uLY-qAMBqgTPAU_QvPSAlrvOj4sfykewuBcvFqZwhNwfE_BM46XdeggYQrzyblaI2TtZGk7ocXYjNCllT4wrrWkNHGtPcw0VmvLOBlILUqtEoTu3q4FI997lU-3x0h1m_hXEBDOYUgTK4SVJEMY9Xxl1gOkp6y9lFWpHKkdzYSJSYAi9hlZnmhQ-y8SGro_GnI_YPIlI-sdFwR_e35JRFh2WrKRmkDCjv0gYxs2HUqGNy86kxYy-5VYb4DuFvwsSRJSgY_NHBwCSq_mgAGVkLCQ8llHHjT5WL4AG-cO0zfyi6eHCAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2DOOJtmsDGhUQbbYGr6B7e5IKvcA%26client%3Dca-pub-6411969466352703%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::18 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d005c0c1c7b9d73886d460532761bc6f9febd421afb6e86032fbb2b49e521f14

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-type: text/html
server: Kestrel
cache-control: private, max-age=0, no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cross-origin-resource-policy: cross-origin
p3p: CP='CUR ADM OUR NOR STA NID'
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6PDwi6P5uhveq4XIzAfQ19w4c51Mnj1ofwoLqX6rkAS1VI1I77UOtpKJFs2_Ey2ZRg0Mji8_eRIOJ4diu9mr1glHyncWP_rcD7kE5G6_7uBovsVNxJnwj-bI6IKyHmykHk5c_VjR0KWxFVPkqKn900xGG5hs0KuPpKngz6A2_TchgG5BaAE3tndfSMvkmGtrGUNTqh3H-irUUHTOjsuCqECZa_i3AGB0KHb7yst78YebIJroi72vPoVDm4GVrrnTaSx3Zg"}], "max_age": 86400}
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
server-processing-duration-in-ticks: 82036385
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
vary: Accept-Encoding

GET
H2 200 css
fonts.googleapis.com/ Frame 0D65 3 KB
652 B 108ms
40ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8686456886&adk=485201271&adf=3225903902&pi=t.ma~as.8686456886&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603630&bpp=1&bdt=296&idt=132&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SFnRcBDFwy&p=https%3A//www.dnsqueries.com&dtd=134

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 20:12:46 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 31 Dec 2021 20:30:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Dec 2021 20:30:04 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0D65 1 KB
880 B 90ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:12:56 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame 0D65 19 KB
8 KB 78ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:06:15 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame BEA9 3 KB
1 KB 107ms
39ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=7119715148&adk=3958737129&adf=450149587&pi=t.ma~as.7119715148&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603627&bpp=3&bdt=293&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=2197528699334&frm=20&pv=2&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=vFbepXNFpf&p=https%3A//www.dnsqueries.com&dtd=120

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 19:54:18 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 31 Dec 2021 20:30:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Dec 2021 20:30:04 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0D65 2 KB
1 KB 65ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:26:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0D65 119 KB
37 KB 46ms
46ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 31 Dec 2021 20:30:04 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame 0D65 15 KB
6 KB 69ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:25:22 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame 0D65 27 KB
12 KB 97ms
30ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 22:16:39 GMT

GET
H3 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BEA9 1 KB
880 B 61ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:12:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1028
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 853
x-xss-protection: 0
server: cafe
etag: 7170004918125193417
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:12:56 GMT

GET
H3 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/ Frame BEA9 19 KB
8 KB 62ms
30ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:06:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1429
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7876
x-xss-protection: 0
server: cafe
etag: 5333878705136318229
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:06:15 GMT

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BEA9 2 KB
1 KB 83ms
51ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:26:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 209
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1332
x-xss-protection: 0
server: cafe
etag: 3351516697335751560
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:26:35 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame BEA9 119 KB
37 KB 57ms
57ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37305
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1638461285297402"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 31 Dec 2021 20:30:04 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/ Frame BEA9 15 KB
6 KB 74ms
43ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211207/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:25:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 282
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6464
x-xss-protection: 0
server: cafe
etag: 15715955993838318253
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 20:25:22 GMT

GET
H2 200 6d065ef8aad4e53a06604e1059b7b7b3.js Show response
www.gstatic.com/mysidia/ Frame BEA9 27 KB
11 KB 98ms
35ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 22:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 339205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11408
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 07:52:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 27 Mar 2022 22:16:39 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0D65 0
0 69ms
69ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C5pRdS2jPYbjVMo621wahlJyYAerY__9jztXO-OwN2tkeEAEg8sepA2C7vq6D0AqgAar1z-0CyAEBqQKxVE_r-ri2PqgDAaoE3AFP0DC_2cS2LZjK41L7QfCBesOUNL4PKolh6Nyaz0R5OS3h9v6nY62aKtX9VaCRcgKVNb9j_cVSgMQOfWJnS-EYgcrinetslYxeTSWN9e8OMP-Uzpvpe57DqBtGMB0TzUxYHNE76Q_QkrihT6FvNPCo57hw6-61b86YxC_k6SCdzuO8VmgFYfUR9wmAPjWLKDp5cfa94sQbGcXmIPWjObdJTyiUYCdooEvslRgJPeT4BxNZnhA1BWTAHCNtwE8HuZ6RSMBkYGuCxbp_VwLf99_Y31L45MlZD7xk-QI5wATNpaOruwOAB-2P1w6oB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDzsALSCAkIgOGAEBABGB-ACgHICwHYEwOIFAbQFQGAFwGyFxwKGggAEhRwdWItNjQxMTk2OTQ2NjM1MjcwMxgA&sigh=8ZGBDXsvczY&uach_m=[UACH]&template_id=5001

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8686456886&adk=485201271&adf=3225903902&pi=t.ma~as.8686456886&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603630&bpp=1&bdt=296&idt=132&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SFnRcBDFwy&p=https%3A//www.dnsqueries.com&dtd=134
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 31 Dec 2021 20:30:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/7041171563309565305/ Frame 0D65 4 KB
4 KB 62ms
47ms Image
image/png 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7041171563309565305/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d18e325fb9d96280b6a048f24665fb1bafbd4b610b7515d378b5820b7bfe87a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Tue, 28 Dec 2021 17:59:36 GMT
x-content-type-options: nosniff
age: 268228
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4297
x-xss-protection: 0
last-modified: Tue, 22 Jun 2021 15:11:33 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 28 Dec 2022 17:59:36 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame BEA9 0
0 70ms
68ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cy-yKS2jPYdKSMqXJ1fAP_YKt2AanztzuZcqI7On5Dp_thK6vKxABIPLHqQNgu76ug9AKyAEBqQLYfjxRZ-NMPqgDAcgDywSqBNgBT9B0WYBZzUgByHZ9KJ9N5gOprhrom4yI2gQynJwrsdXwC2SvOLQeGxA1xD2wFz0ZuAS-95it7y6WZJXT-DRP9PmKDIpsSNo58WJLQIZJ6lLevfB07mOxXHZ7GbbrP5bzEzrXhAfyAYBvIo6GomatIbi3HP-g1UFPfDIRMC1h2W92_b978dcE1XDu67-HaUK98YjsyBP5SiN4czh8Ib7us57rTtykCyMcjEbXrr1bsPdb5A64WAz2RRplOftBq9cqu0ff_pxTQ-qhCja05Oydpw5oZ0K1jaxmwATY-N784AOSBQQIBBgBkgUECAUYBIAH8bPHvQGoB47OG6gHk9gbqAfulrECqAf-nrECqAfVyRuoB6a-G9gHAfIHBBDVoQ_SCAkIgOGAEBABGB-ACgHICwHYEwLQFQGAFwGyFxwKGggAEhRwdWItNjQxMTk2OTQ2NjM1MjcwMxgA&sigh=NYSFxEmOTJs&uach_m=[UACH]

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=7119715148&adk=3958737129&adf=450149587&pi=t.ma~as.7119715148&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603627&bpp=3&bdt=293&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=2197528699334&frm=20&pv=2&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=vFbepXNFpf&p=https%3A//www.dnsqueries.com&dtd=120
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 31 Dec 2021 20:30:04 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame FD42 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 469b5ea8ee669cbcd83e122054b5c4fe7fe30016b956eb76ff03016187ba181c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27ED 143 B
163 B 28ms
28ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=7119715148&adk=3958737129&adf=450149587&pi=t.ma~as.7119715148&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603627&bpp=3&bdt=293&idt=102&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&correlator=2197528699334&frm=20&pv=2&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=472&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleE%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=1&uci=a!1&fsb=1&xpc=vFbepXNFpf&p=https%3A//www.dnsqueries.com&dtd=120

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 31 Dec 2021 20:04:54 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7EE0 143 B
163 B 28ms
28ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6411969466352703&output=html&h=90&slotname=8686456886&adk=485201271&adf=3225903902&pi=t.ma~as.8686456886&w=728&lmt=1640982603&psa=0&format=728x90&url=https%3A%2F%2Fwww.dnsqueries.com%2Fen%2F&flash=0&wgl=1&uach=IltcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBcIlwiLCBbXSwgXCJcIl0i&dt=1640982603630&bpp=1&bdt=296&idt=132&shv=r20211207&mjsv=m202112060101&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=2197528699334&frm=20&pv=1&ga_vid=1766974436.1640982604&ga_sid=1640982604&ga_hid=1777186095&ga_fc=0&ga_wpids=UA-112285-6&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=224&ady=2223&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31063751%2C44750774%2C31063859&oid=2&pvsid=2827967899293983&pem=592&tmod=8&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CleEbr%7C&abl=CS&pfx=0&fu=16384&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=SFnRcBDFwy&p=https%3A//www.dnsqueries.com&dtd=134

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Fri, 31 Dec 2021 20:04:54 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 1510
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 0D65 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ec6be311b5fba3afc69c8db70f87bf1ae8a1ac065cc587fab1117806ff76852f

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame AEA7 2 KB
1 KB 102ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Yc9oSwAM-rIK1coUAAZNCo6YxG9WqYt0XImdnQ&u=%7CTXc7ReArncb9NtGURMo1xjPjbCs6eUCbxuJxkE0b%2Fnk%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGephfTH5JL0zydALMisec7v4dU5de-TFyMyKuX9u2jeaiDTb8Ze7hyMlY3wVlQwbzOxdoBLRz5aFXt6y4bVDKTxbScCrTGowEnyimifG64hzyxz7_Jw_jC-rj8M0hiijeH9K3LRl_dBIuVhTrSkHS9qtD6wTuA7pA6K6uz2Z11NF_sA89Khtyvnaubjio7_vybd59ECZwa4es-_Sj8VYY9iB9io-fyDG8GwY6MlEq6zV8Xrdn0R7qdciiXH0CmfUkao0OYXEyR7hhos0lIjqFvVyplOkLbh1QuFk2XJ9OmgYKnNEPuan9qG2nHj60EewPt17I-r5HT7jRkHlUShPwDjuOXCmuvRtKaN4hiXnSDkAXdMK9fheUhA52erfti8lbAd3V0iweAg0N31ftioa_TdH225VGlCbD62q4d2Q9PbEmgri6VBT1InMA1oDtUae4-n5L2t6zVz91tsDyz17haxyhNc5IFlDY0EzFf7cl_JoUY&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWgNWS2jPYbL1M5SU1waKmplo5I_SsVyvsP2IiAHAjbcBEAEgAGC7vq6D0AqCARdjYS1wdWItNjQxMTk2OTQ2NjM1MjcwM6ABvdSI6wPIAQmpArFUT-v6uLY-qAMBqgTPAU_QvPSAlrvOj4sfykewuBcvFqZwhNwfE_BM46XdeggYQrzyblaI2TtZGk7ocXYjNCllT4wrrWkNHGtPcw0VmvLOBlILUqtEoTu3q4FI997lU-3x0h1m_hXEBDOYUgTK4SVJEMY9Xxl1gOkp6y9lFWpHKkdzYSJSYAi9hlZnmhQ-y8SGro_GnI_YPIlI-sdFwR_e35JRFh2WrKRmkDCjv0gYxs2HUqGNy86kxYy-5VYb4DuFvwsSRJSgY_NHBwCSq_mgAGVkLCQ8llHHjT5WL4AG-cO0zfyi6eHCAaAGIagHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2DOOJtmsDGhUQbbYGr6B7e5IKvcA%26client%3Dca-pub-6411969466352703%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Dec 2022 20:30:04 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame AEA7 2 KB
1 KB 106ms
28ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Dec 2022 20:30:04 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame AEA7 308 B
636 B 74ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 26 Dec 2022 20:30:04 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame AEA7 507 B
835 B 79ms
28ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 26 Dec 2022 20:30:04 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame AEA7 43 B
350 B 100ms
35ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=YygwPVxw6_SU-1Nbc5kYmdmHmqWzhBRu-EzROUxqQQ33hrWhkp27NzGsBNUWBCxn-YIv3f3vqjfW_PQe1Z1oSExse3kA3F7LD01dqv9UtQRzWcoXhtn1t3WQHr8n9TqDMRvI_2RTEiLlbYIJ1LL9YTz7rZj3l6fn1_m1dtyFB66AOga5ntq8fnDwjaL5xfeUDCnMfoMQYmeKyuNPxJBDYkI_VA0QrZyWEjPMjL40xrvT8SiJFJ_c53qnoB-UXwflDxlEQuN-_b2Khjw5Ks4BY-sh4Jn0XmljYl7JI61wj_uIMtZFuFMNV-ywRf90ksXBNT1NnF9kmb3GSm70MoMbQA2049t0rDCcg9v1y0qLc4_oYP7kjzOtWCF7-mtgwodinh5ZhBNUHo0Q4s0-Or61fDZrP0mtOf9KfZCsAu-dOUaFEkyRmBT7hL_GrZ853P7Sunw1iw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Microsoft-IIS/10.0 /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 20:30:04 GMT
server: Microsoft-IIS/10.0
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 9848
content-type: image/gif
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame BEA9 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e093ec8d4284b81b37a602b1cb2548f23a513c0d7a6877e3ab0cbd244bebc84a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BEA9 21 KB
22 KB 129ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:17:51 GMT
x-content-type-options: nosniff
age: 25933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:17:51 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame BEA9 21 KB
21 KB 156ms
58ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 353318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Dec 2022 18:21:26 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame AEA7 12 KB
5 KB 166ms
58ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1908622
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 4420
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5Xf0ZnTm81NDu%2F25ao%2FPe4D%2BGHrXCusD6arxmQWZqbsGlxmjQ%2Fn31SI1CIKyH8GUiJlfO2YyyxM6sxKW0ZHlpNXCIJ1Q15am%2FV5A0c53mPE%2FkxlaswRwbNvwyT6oNUBAiMwe%2FqK7GLxnJ5%2BgsGfes%2Fbe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6c66437e19e20e26-MXP
expires: Wed, 21 Dec 2022 20:30:04 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame AEA7 12 KB
6 KB 38ms
26ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Dec 2022 20:30:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AEA7 15 KB
15 KB 107ms
40ms Image
image/png 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=176&m=0&partner=65059&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F65059%2F210330%2F6c528a63f71c4d72a0d8e9687e87328d_logo_vertical_03.png&v=3&w=184&s=d19077sqfaOzgnUbcpJszHEg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e3e0d2df0844e4f1eb494c8fe69185abae463c563407c6cd0468b35f11c38afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Thu, 30 Dec 2021 11:31:24 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 118719
vary: Origin
x-cache: hit cached
content-type: image/png
cache-control: public, max-age=28737967
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 15300
expires: Mon, 28 Nov 2022 02:17:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AEA7 10 KB
10 KB 107ms
41ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_aspire-3-a317-53-non-sv_1000main_nx.ad0ek.004.png&v=3&w=400&s=OFETfxZ8tzUTdTIJlBD4IBWx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

72a7fea793e4986622cee62cbb513db6fe20074ab143d8cf584ac85fbfeb4a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:29:16 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 47
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=1154849
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 10106
expires: Wed, 29 Dec 2021 18:02:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AEA7 9 KB
9 KB 115ms
49ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fc%2F_conceptd-3_cn314-72-72g_white_1000main_1.png&v=3&w=400&s=4hEoqeK5a88HXcZWk4PKhJgO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

8fae3152d895062f781e838055e070ff2be69764287f7b1a74ccb5acc885a9de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:28:34 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 89
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=809030
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 9250
expires: Sat, 25 Dec 2021 17:43:32 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame AEA7 10 KB
10 KB 115ms
49ms Image
image/webp 178.250.0.139
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=65059&q=80&r=0&u=https%3A%2F%2Fstatic2-ecemea.acer.com%2Fmedia%2Fcatalog%2Fproduct%2F_%2Fa%2F_acer-aspire-5_a517-52-52g_fp-backlit_silver_1000main_nx.aarek.003.png&v=3&w=400&s=mCLP0wSzh-Rc3P0GqILaZFB8&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.139 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.par.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bbf18ae550d420504652ee7304deb5b21ae4c2e500bbd0e13489298a6b9a314d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Wed, 22 Dec 2021 17:45:17 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
age: 787486
vary: Origin
x-cache: hit cached
content-type: image/webp
cache-control: public, max-age=1209599
cdn-loop: Criteo
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
accept-ranges: bytes
timing-allow-origin: *
content-length: 9828
expires: Wed, 05 Jan 2022 17:45:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AEA7 0
127 B 90ms
27ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=6PDwi6P5uhveq4XIzAfQ19w4c51Mnj1ofwoLqX6rkAS1VI1I77UOtpKJFs2_Ey2ZRg0Mji8_eRIOJ4diu9mr1glHyncWP_rcD7kE5G6_7uBovsVNxJnwj-bI6IKyHmykHk5c_VjR0KWxFVPkqKn900xGG5hs0KuPpKngz6A2_TchgG5BaAE3tndfSMvkmGtrGUNTqh3H-irUUHTOjsuCqECZa_i3AGB0KHb7yst78YebIJroi72vPoVDm4GVrrnTaSx3Zg&sds=2&rev=79924&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 31 Dec 2021 20:30:03 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame AEA7 2 KB
1 KB 31ms
31ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Dec 2022 20:30:04 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame AEA7 2 KB
1 KB 25ms
25ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 26 Dec 2022 20:30:04 GMT

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0D65 21 KB
21 KB 86ms
46ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 13:17:51 GMT
x-content-type-options: nosniff
age: 25933
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21660
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:07:18 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 31 Dec 2022 13:17:51 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 0D65 21 KB
21 KB 106ms
66ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 18:21:26 GMT
x-content-type-options: nosniff
age: 353318
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21424
x-xss-protection: 0
last-modified: Wed, 01 Sep 2021 18:08:24 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Dec 2022 18:21:26 GMT

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 27ED
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

87ms
87ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 31 Dec 2021 20:30:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 31 Dec 2021 20:30:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 31 Dec 2021 20:30:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 7EE0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
16 B

150ms
150ms

Document
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 31 Dec 2021 20:30:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 31 Dec 2021 20:30:04 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 31 Dec 2021 20:30:04 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css
fonts.googleapis.com/ Frame AEA7 2 KB
435 B 74ms
38ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 31 Dec 2021 20:21:54 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 31 Dec 2021 20:30:04 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 31 Dec 2021 20:30:04 GMT

GET
H3 200 7Auwp_0qiz-afTLGLQ.woff2
fonts.gstatic.com/s/muli/v22/ Frame AEA7 30 KB
30 KB 66ms
29ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/muli/v22/7Auwp_0qiz-afTLGLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli:400,700&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Mon, 27 Dec 2021 18:20:47 GMT
x-content-type-options: nosniff
age: 353357
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31120
x-xss-protection: 0
last-modified: Wed, 15 Jul 2020 20:50:02 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Tue, 27 Dec 2022 18:20:47 GMT

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame FE76 35 KB
13 KB 30ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 18:37:15 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 80ms
43ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211207&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2f0e02a1a81c92bc013db7b3060a44de356480b8e33e0406955be1f6b529f1ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8458
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 20:30:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
expires: Fri, 31 Dec 2021 20:30:04 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 937B 13 KB
5 KB 30ms
30ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5046
date: Fri, 31 Dec 2021 20:00:11 GMT
expires: Sat, 31 Dec 2022 20:00:11 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1793
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EDBA 783 B
535 B 77ms
37ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

67e4722ca1296416545d73eac4d4366d214bd3c35556f3a17d6da2ca97eb0e53

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4aOXLl7uDwiYu9ltAGGRpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Fri, 31 Dec 2021 20:30:04 GMT
date: Fri, 31 Dec 2021 20:30:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4aOXLl7uDwiYu9ltAGGRpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js Show response
pagead2.googlesyndication.com/bg/ Frame 937B 35 KB
13 KB 29ms
29ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/EnZy1JEvhtfL3qsMHM2VNqoz8zWnsWCdOjk5wdd4Ig4.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date: Fri, 31 Dec 2021 18:37:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6769
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13555
x-xss-protection: 0
last-modified: Mon, 06 Dec 2021 19:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 31 Dec 2022 18:37:15 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame EDBA 0
0 65ms
65ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211207&jk=2827967899293983&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 65ms
64ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211207&jk=2827967899293983&bg=!kJOlk9fNAAZKWFskSlg7ACkAdvg8WvB64QUKkN56HZsEO4GtHvZUlWKIjp3DVkCESahbuzgvdu7-9wIAAABPUgAAAAtoAQeZAsKZIz5c5BbbTKYJOTqaJk90aivxHQ0xLszMCcR2kxDss1OOj-W1dpeidkqaihzWjyIK4xLLaypuPU_Jlg_4kJ_7JrAcfvVVVmxsdibAp6kaMaUcB8aFQa91C44B6tGj63Lv_pT7E2_wyw-YLimEsMVL-nsOpqdUAhTUbJ_1-4pkYC0Ur-ThvTAhbKAkzvRtExTIO8vQmjMTdPg0vTATGFJ567IUME4wYVqmd0R4FvxgwlJeUGd9KRViDNfkdWbE3leS5SZlYTwexGJdFMqebap6xYxDoy3pTY0GteNOcwsO5Zs2StH-PMRRBE4k_FM3yL0ywOFsVA2p3QLbAccEGnnfXKHERSOsSRR8JLYIiz10n9rVxOru9OmMNTUQPNhEI-95hogKtk2gYQl8utl4K_ruVcVmBzdYHXqYgemKbAGeh2Ia54imehL7rqmjBOCbDDICX_-0BMyalDr5Bht6gJ0io4ju_oTTwAMb5GPnGDVOTHJ-iO27TNxa991n-86PpCU1IxZJ3TBPUTNeWFdsGEtLQUIv_oKJtywMRUPGlKmwov_TEtAY1_-3DSyMCtah0QwVt6Im4Yb-N3-6fxSNAPHxyeCLvB6gOV8t7NwK58x632ZXnaXozLoT0J0i7U93xPPKivXHreUskT4XD_JHOhpHEaZlNU6vz-bLpQ-XcBDZsDsz-qei2LExdXfo7RO4xHvB13ZGDc4KYK8PcUP2bVfTLbARDMRza2exUJxpZAofPBA2e79c2jSoZHnEmcr1aitG8tlMqaPmJO0baesAC7JA9mWf8cEjA91SAt5eD8nrm5vIp8ykT_AooIRX99ziu4mtgTaX-gjPA-OESnJlVUyN4P5t2NlI7ICnh0tIl5IAUlHOwuSB99dc4CjWvjrZG0jF72XsuUHrxA22-tqV9AKcSuBhouFB4Wsin8qpgngUQaHE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.dnsqueries.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 20:30:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FD42 42 B
64 B 62ms
62ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstb6TqEdsBrW63BIj58rgBt2k5aT8Dy6DDgnEYxqUKTZaVDKHUs-ikjE-DBJ0FLMFn7fckV1x5O9oGfXQkFOtIVTg&sig=Cg0ArKJSzBN4np8-se3_EAE&id=lidar2&mcvt=1001&p=0,0,90,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1357928632&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640982603797&rpt=447&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 20:30:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame AEA7 0
127 B 28ms
27ms Ping
text/plain 178.250.0.162
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.162 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 31 Dec 2021 20:30:05 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame BEA9 42 B
64 B 65ms
64ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssehwh5IL3EZ90QKfwVZpdzLr3Q5olsE2ZiTNy66T7OjjFBUYaZY2pM3iTEISVxNDbO-mls5xt-dYqsTSyQ8sPiphjGw0CegUreODmn&sai=AMfl-YRqT8dh9p_s4diejwomvVVuIz0j0C0kiuRtMN85kupE2S28TzxaSRYrUvqHlNF4G7JCQHvqDZviYTSs&sig=Cg0ArKJSzPvuzaZFqkpFEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3958737129&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1640982603749&rpt=890&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 31 Dec 2021 20:30:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: s7.addthis.com
URL: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html

Verdicts & Comments Add Verdict or Comment

131 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

15 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.dnsqueries.com/	1970-01-20 00:34:21	Name: DNSQSES Value: ucte83r9i1ghr9514rcqs0kb61
.criteo.com/	1970-01-20 09:11:18	Name: uid Value: a56c97a2-966a-4d40-b26f-63d573c97fba
.criteo.com/	1970-01-19 23:49:46	Name: zdi Value: *1wV1KXhP%252bDaSnqY%252fugbla7Q%253d%253d
.dnsqueries.com/	1969-12-31 23:59:59	Name: __utmc Value: 128042073
.dnsqueries.com/	1970-01-20 04:12:30	Name: __utmz Value: 128042073.1640982604.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.dnsqueries.com/	1970-01-19 23:49:43	Name: __utmt Value: 1
.dnsqueries.com/	1970-01-20 17:20:54	Name: __utma Value: 128042073.1766974436.1640982604.1640982604.1640982604.1
.dnsqueries.com/	1970-01-19 23:49:44	Name: __utmb Value: 128042073.1.10.1640982604
www.dnsqueries.com/	1970-01-20 09:19:57	Name: __atuvc Value: 1%7C52
www.dnsqueries.com/	1970-01-19 23:49:44	Name: __atuvs Value: 61cf684b4b799c60000
.addthis.com/	1970-01-20 09:19:57	Name: uvc Value: 1%7C52
.dnsqueries.com/	1970-01-20 09:11:18	Name: __gads Value: ID=fa81be241f51aa8c-224055a712cd00a5:T=1640982603:RT=1640982603:S=ALNI_MYqrt09CmU-LQ6cfFACHzDOTsUtnw
.addthis.com/	1970-01-20 09:19:57	Name: loc Value: MDAwMDBFVUdCMDAyMzE1MTc3NDA0NzAwMDBDSA==
.doubleclick.net/	1970-01-20 09:11:18	Name: IDE Value: AHWqTUnTKrDu4yzxYl79RY_G-5YpxMhfnyMK259e_8LAJETq1UwDYT6agqNVLdQv80Y
.doubleclick.net/	1970-01-19 23:49:46	Name: DSID Value: NO_DATA

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.dnsqueries.com/en/(Line 879) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://cas.criteo.com/delivery/ajs.php?zoneid=109772&nodis=1&cb=13643931039&exclude=undefined&charset=UTF-8&loc=https%3A//www.dnsqueries.com/en/, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://cas.criteo.com/delivery/ajs.php?zoneid=109772&nodis=1&cb=13643931039&exclude=undefined&charset=UTF-8&loc=https%3A//www.dnsqueries.com/en/(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
security	error	URL: https://cas.criteo.com/delivery/ajs.php?zoneid=109772&nodis=1&cb=13643931039&exclude=undefined&charset=UTF-8&loc=https%3A//www.dnsqueries.com/en/(Line 16) Message: Mixed Content: The page at 'https://www.dnsqueries.com/en/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
javascript	warning	URL: https://cas.criteo.com/delivery/ajs.php?zoneid=109772&nodis=1&cb=13643931039&exclude=undefined&charset=UTF-8&loc=https%3A//www.dnsqueries.com/en/(Line 16) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, http://pagead2.googlesyndication.com/pagead/show_ads.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.dnsqueries.com/en/(Line 949) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.dnsqueries.com/en/(Line 949) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
cas.criteo.com
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
dnsqueries.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
m.addthis.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
s7.addthis.com
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
v1.addthisedge.com
www.dnsqueries.com
www.google.com
www.googletagservices.com
www.gstatic.com
z.moatads.com
pagead2.googlesyndication.com
s7.addthis.com
104.84.56.126
142.250.185.66
151.236.220.81
178.250.0.139
178.250.0.160
178.250.0.162
178.250.2.138
2.18.235.40
2606:4700::6810:135e
2a00:1450:4001:801::2002
2a00:1450:4001:801::2008
2a00:1450:4001:80f::2002
2a00:1450:4001:811::2003
2a00:1450:4001:827::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:400c:c06::9d
2a02:2638:1::3
2a02:2638::18
2a02:2638::2
020955fd3837dd877909c76cc028016841da7328966f541eed03a3f78724d550
048a252135ee5da45dcd64a8afb068f30a0509106c7bd86ba76078db4b34581a
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0f087179a6701817d2812e762bab41a14fc3329e7fc9753170e04d664ba13254
1037f1e0d1ae470df705a7179a41aa2c969aec5ff56771a7438edc74fc46a9f5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
127672d4912f86d7cbdeab0c1ccd9536aa33f335a7b1609d3a3939c1d778220e
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
19a26d6046c4fcfe9e3efbc1fb7532f424c6b0b7590b9e193788e30bce8b9836
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
2f0e02a1a81c92bc013db7b3060a44de356480b8e33e0406955be1f6b529f1ab
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
37d4474256e24c3deaf55f3ea85c976918c8c2e56cab9f1466dcf4bc0c299057
3ae5851fa64a3e3f9e33b06b228c7c1c9876e47b4697321bb2f1d352f01c6db7
3c3f6879bffc26777b976769e25ab82c17581dc558f43916ca557a2af8002b98
4130c3113578efc2523b4c4577dacd2ba2f650fcc16a21e87f3b237d4a03ce7d
42c4b1df69cbc485b2b8aeb0b6e184afe7e4218cc52943b3fcad4850d9c2937b
469b5ea8ee669cbcd83e122054b5c4fe7fe30016b956eb76ff03016187ba181c
4de3ba7104d2c09b0a66c63f2dee198836fcdba8579a404bc797ae95c99efdee
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4eb47c68ac9077f1e280110c8fc3924c999530f327393a85d9ba70f246f814bb
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57df81f30bffd0cd0506f9c49928b51a62b29a10724967319232de51d3108118
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f64597444ea4b4c2fdab3d42f7fcfe7c560a81b15345c6a6dab3df259ea14c
67e4722ca1296416545d73eac4d4366d214bd3c35556f3a17d6da2ca97eb0e53
6e34fd0fb91254609b4f0c9697b530d43e08f7d6b935c9c13e9d4cefd7625938
6e8062457920f1f32edd09ab582a5cab162bd2369eea5a625d0b976d09d402b8
72a7fea793e4986622cee62cbb513db6fe20074ab143d8cf584ac85fbfeb4a93
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7d5780c8c920e669d465de3712650a4e57c75f8a31b8bb9cde70d6b66be61486
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
89de23cd938277afae942b5e7141b046234b75ac3aab2e23b2b97086f9df8d68
8b2f0d7807e6bb0d085adfc4f082583c37c500fa1a2ac7bcc9d9cf57eb572b05
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f5315ed9f5e070e85a60e405d9aac92286319c20c2fcb39cc2d6c01090c652d
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
8fae3152d895062f781e838055e070ff2be69764287f7b1a74ccb5acc885a9de
915775223c8be90a7aaf112418261a0821ec0e23f9ee09fd85876eb6a9309152
9edf9a3dc72d5f54dcadfa360873976a90217540cbdefb4d448fa2d99783cc70
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aaf9e0e625d57bc97f1c0adb3967e8fea030c34f6a49f865f82b5cf81acde6ee
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
bbf18ae550d420504652ee7304deb5b21ae4c2e500bbd0e13489298a6b9a314d
bcbca911d56b5748ff17596104be8b295f6530bf3f2d7ff995e5a4305deed5b1
bea247983ca180be0fad113d757998a16d93d200715e45eb57ecead9e1e12f61
c2652b280087b6479b7703779da4be80b4c621edbf465e34f5e5314d8835a84c
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
d005c0c1c7b9d73886d460532761bc6f9febd421afb6e86032fbb2b49e521f14
d18e325fb9d96280b6a048f24665fb1bafbd4b610b7515d378b5820b7bfe87a8
d4d467cd2bcc7775ca5c044976372f4833305575eafd85b76dac4e1192a874e5
d853164105815c3ea423a95f095ee531f547ff1e12fba56a80be0f712c62929e
d9955b485ec10339d863941175c02572657bf9d4f6c5fa2e5603e7d803c1b8cf
dde6576bba0bad522d319d2b71f2df16ea422150ea04756f5df07c231d6024ae
e093ec8d4284b81b37a602b1cb2548f23a513c0d7a6877e3ab0cbd244bebc84a
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3e0d2df0844e4f1eb494c8fe69185abae463c563407c6cd0468b35f11c38afd
ec6be311b5fba3afc69c8db70f87bf1ae8a1ac065cc587fab1117806ff76852f
ecba82694d99a6fef23a95c651d9025380be76ad88d1afce62853947ebb03184
ee76b8806ea26cc81875137c4f340f1e45961c7b08bf8403bd9e69eb75a6b654
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7b07adcf2524db7ca534f18c4cca3b8b15d7ebe670098098dd65ed9319b8dbe
fba3416ca54fea2dd270b618915c2c4dbe20c28424074fed9746ab0837801604
ffb89f1f1fa54e822805cddf1f6ec0492cd8b806b36a921eda855241d1eee914

www.dnsqueries.com Open in urlscan Pro 151.236.220.81 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

97 %HTTPS

67 %IPv6

16 Domains

27 Subdomains

25 IPs

5 Countries

988 kBTransfer

2315 kBSize

15 Cookies

3 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dnsqueries.com Open in urlscan Pro
151.236.220.81 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

97 %
HTTPS

67 %
IPv6

16
Domains

27
Subdomains

25
IPs

5
Countries

988 kB
Transfer

2315 kB
Size

15
Cookies

98 HTTP transactions
3 data transactions