navyadministration.tpub.com Open in urlscan Pro
47.206.86.53 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://navyadministration.tpub.com/
Effective URL:
https://navyadministration.tpub.com/
Submission: On March 07 via api (March 7th 2024, 10:26:46 am UTC) from US — Scanned from DE

Summary HTTP 91 Redirects Links 32 Behaviour Indicators

Summary

This website contacted 17 IPs in 4 countries across 10 domains to perform 91 HTTP transactions. The main IP is 47.206.86.53, located in New Port Richey, United States and belongs to FRONTIER-FRTR, US. The main domain is navyadministration.tpub.com.
TLS certificate: Issued by R3 on January 28th 2024. Valid for: 3 months.

This is the only time navyadministration.tpub.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 7	47.206.86.53 47.206.86.53	5650 (FRONTIER-...) (FRONTIER-FRTR)
23	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2004	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:810::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
22	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2003	15169 (GOOGLE) (GOOGLE)
91	17

7 47.206.86.53 (New Port Richey, United States) 1 redirects

ASN5650 (FRONTIER-FRTR, US)
PTR: static-47-206-86-53.tamp.fl.frontiernet.net

navyadministration.tpub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.tpub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2008 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	criteo.net static.criteo.net — Cisco Umbrella Rank: 677 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10026 csm.eu.criteo.net — Cisco Umbrella Rank: 9677	503 KB
26	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	543 KB
8	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 84 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	87 KB
7	tpub.com 1 redirects navyadministration.tpub.com www.tpub.com — Cisco Umbrella Rank: 862057	39 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9660 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15045 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10817	98 KB
3	gstatic.com www.gstatic.com	16 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 228	10 KB
2	google-analytics.com 1 redirects ssl.google-analytics.com — Cisco Umbrella Rank: 585	17 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	3 KB
1	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	2 KB
91	10

	Domain	Requested by
23	pagead2.googlesyndication.com	navyadministration.tpub.com pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
22	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
7	imageproxy.eu.criteo.net	ads.eu.criteo.com
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
4	www.tpub.com	navyadministration.tpub.com
3	www.gstatic.com	navyadministration.tpub.com googleads.g.doubleclick.net
3	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
3	navyadministration.tpub.com	1 redirects navyadministration.tpub.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	ssl.google-analytics.com	1 redirects navyadministration.tpub.com
2	www.google.com	navyadministration.tpub.com tpc.googlesyndication.com
1	fonts.googleapis.com	navyadministration.tpub.com
1	stats.g.doubleclick.net	navyadministration.tpub.com
91	17

This site contains links to these domains. Also see Links.

Domain
archive.tpub-products.com
www.tpub-products.com
www.google.com
www.tpub.com
advancement.tpub.com
navydiving.tpub.com
draftingmanuals.tpub.com
engineeringtraining.tpub.com
bulkfoodrecipes.tpub.com
mathematics.tpub.com
music.tpub.com
nuclearpowertraining.tpub.com
photographymanuals.tpub.com
religionmanuals.tpub.com
www.tpub-testing.com

Subject Issuer	Validity	Valid
*.tpub.com R3	`2024-01-28` - `2024-04-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2024-05-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-19` - `2024-05-13`	3 months	crt.sh

This page contains 12 frames:

Primary Page: https://navyadministration.tpub.com/
Frame ID: E9C6C48226574A4AE138EB944C3CA911
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: AEB34C6A34BC1D432959AD2702F3B147
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8029680191306394&output=html&adk=1812271804&adf=3025194257&lmt=1709807201&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnavyadministration.tpub.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709807201580&bpp=7&bdt=92&idt=204&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=964848357680&frm=20&pv=2&ga_vid=1844916422.1709807202&ga_sid=1709807202&ga_hid=1338788145&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44798934%2C95322746%2C95325752%2C95323761%2C95321865%2C95324160%2C95325785%2C95326431%2C95326936&oid=2&pvsid=2418207218918721&tmod=515364894&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=220
Frame ID: B367477A222CEBBAA0EEEC162BEC5185
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8029680191306394&output=html&h=280&adk=4070374814&adf=1951942945&pi=t.aa~a.3082258534~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709807201&rafmt=1&to=qs&pwprc=6135623729&format=1200x280&url=https%3A%2F%2Fnavyadministration.tpub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709807201587&bpp=1&bdt=99&idt=220&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=964848357680&frm=20&pv=1&ga_vid=1844916422.1709807202&ga_sid=1709807202&ga_hid=1338788145&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44798934%2C95322746%2C95325752%2C95323761%2C95321865%2C95324160%2C95325785%2C95326431%2C95326936&oid=2&pvsid=2418207218918721&tmod=515364894&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=222
Frame ID: 74B3AA9EA1ABE0EC8CC33C888C319464
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZemWYQAM_8kDohCRAA7BLMsLsHDvDJylnZkgzg&u=%7CFodTPVBpBeuB6ewHiAs8dRaxKDuZLmjXXNT0H4OLKCU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8S6ub-dpiYZSE6qiEwejXibAsPntX_K8EsqsJLfLEWMrPVDFms68oDZCA5kCPMUSPltFhg_ktiG3VJ9gJTW8U4KhntPaEMUDTwBipMrp5AztXmeTOqmcpvjVezkPaXj2fC_epIqC9HgDs6o7Uvj0aYBVroN3S3kN__x4BAeNX8IUfM4ruwJ8NFzUxFbMMOxUXQXI92S9c3u_AmKD7nwblQItXkQst0JqRZ7J80-k5U7-zATUSkITvjhiz84OyhqXaud3jfS43mLMOBaiKWjc8sBbvs3GQwgVHwAh1LpQ7_35ZRCQgzxBjDiyv0BnqfBbrlutpoVvV0vEbFc1c5FJiqRsWkdOKNIXq8rFY2BwdWtBJjvm0UuGF1X7Tjh865NyC9upPooglp3OO7a9Rq07QZEWVvUvc3mqs9KP-vmlj60wXhhDYk-5u3M7NU5DdLAtQJvf3ElHC7KFVY7dBY5YBMpJYuOMui8Fvuwd1r6X3UbKmHenwbjv2Z6_csbZDGag8RjaHduhr6kSz6Z8GuVFJSRu9Vy5EqwaF8rvOZ6og0RIeFNQ8F1KQSNgvrjHUdWGdE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjuCTYZbpZcn_M5GhiM0PrIK78A7JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwMjk2ODAxOTEzMDYzOTTIAQmpAp2Ka-hlSLI-qAMByAMCqgTgAU_QtGuzeJR_ecy2SzOl7nl0ctVpwnaZhiWo0-uHpWu4e9_HD_zASZFqwyi4C-gfVjfX9FopbMepPnNjaY5vjhBd2qzDXq4PrVf5MK4YK0gmIVOdGHFYcjv3HIpPxqmwU19z5epKsiGl2QLBoU7aN-AQMoouo-5geePHI_2AxpAwl-2ZJhtv3ZUEWAN2piG3zX6GHw_1HtIalq2tlBaFpHIFcqlZyFVNez_Ldl-zUaUsP73F-ZQrC-_JCjoBM_5nUZrkTyldSWGmf9inzCFn5gfJ6Qlgh4Ec3U3u7r8leQfVgAau1Zujnafm7CigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggpCJHhgHAQATIH64uA4L-ADToJgECAgICAgJQoSL39wTpYqfmYl_jhhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2D9b6xcrExPPvl2veIiWzjCxordA%26client%3Dca-pub-8029680191306394%26adurl%3D
Frame ID: B6B640B1405B5C04C2C092A0122E54F7
Requests: 19 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 9A36C29D2986EFBA73BD05BA16D111EB
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: E6FEB88A87B02557F767A15C44406622
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: 3041A7452014148E956EB76F83D2C4F7
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZemWYQANj8UKZNrmAAsS46yWa-vC5Cgn3U1Zow&u=%7CBVcHE60kWJB%2B310rg%2FoDHotI7Pmm3bcwzcqAnYRPfss%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8S6ub-dpiYZSE6qiEwejXibNUlff6_MTu5qfuSL6aPvgHMoUQEPpXpFz5fNtrH1n1RN51_KOdNGUkkLauQdCVtZfu52OJbSkpKvxzrjppBKmsi7f31nQMk8JK_v0r0YVn5lvm69AkRJNNSBRRfokikxD8OKTYPtGm1yFmgTNP-Eda_eKnkQeQWt6A0NMVpZ1hXJlKGb9dCKvc1zAmFAtS1fxqha_48ODCjwNrK9D_7uNZa-G_hB_-L5qMehlHlaz2lNKyrfA38qx4mch-JSJDMOa55GL_mFBZ_C9k226mnlCZCA2ppoEY3B7c_XBko2L-W8fMnkRw0Mm7JNkXP-VOubmktXkS52-f8OiMUs56O-hyz-tD75w9xlCd-WSBCpU4lSbhkXn9MjKdtN3DXDy8N3KYb1ZenjiWXASnuYrZPQgec8b3hmcQTBoqK0VQtJR-USlb0AYhGzPH2gmHs0qflN-5Eg2z32WQl8dg5SnmaqoXKuyuh7ujy9dS5eXwdkl6au1Hbx_fiFTAXYOpZMZJW7vDMRnKe8aIVvHbE8iMNoDKPWyqUaM3N-i0wyBRhGF4A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsTvYZbpZcWfNua1kwPjpazgCMme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODAyOTY4MDE5MTMwNjM5NMgBCakCnYpr6GVIsj6oAwHIAwKqBNQBT9AtngwxI86LSnZjVW5s0T3afbxhLmIlQKfbo0jlX_47BWm3olEYHAS6rCHwmj9C-vxKOY0_AGLN5mF9gbbp-KTwD2kz6cp93lQivH1PMM14_cu_L7WJv0WdHPGm1TAoZ2-jzDJzaPCsXWaDnjVDHLeKnY0CKy-S9JwSc6604SoI6dHm24DqgmSyJZ3i-jMqpAQce2xPjW9ksl7abOC3-_-92GGuMhBSZx_W4e790sa1U7W616M6j5peo_FlOEOSqkSp-QKKWGHwu_2Vik9EW8e_g-qABq7Vm6Odp-bsKKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCkIkeGAcBABMgfri4Dgv4ANOgmAQICAgICAlChIvf3BOljGoJiX-OGEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1JXAY-QQoBDCLaR-HsXee8KVGZkA%26client%3Dca-pub-8029680191306394%26adurl%3D
Frame ID: 9B0239A7C4898336F0215AAEF8409573
Requests: 20 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 3C80D327FC958D2BB97D0720BAD8679B
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7DCC378ED16F1362B8CFFA3B72D8BF3D
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js
Frame ID: BE87BA29C8A0D9E4562974E90996E06B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Navy Administration Training Manuals

Page URL History Show full URLs

http://navyadministration.tpub.com/ HTTP 301
https://navyadministration.tpub.com/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

91
Requests

96 %
HTTPS

88 %
IPv6

10
Domains

17
Subdomains

17
IPs

4
Countries

1317 kB
Transfer

2915 kB
Size

7
Cookies

32 Outgoing links

These are links going to different origins than the main page.

URL: http://archive.tpub-products.com/
Title: Click Here to

Search URL Search Domain Scan URL

URL: http://archive.tpub-products.com/product_info.php?products_id=28
Title: Click Here to

Search URL Search Domain Scan URL

URL: http://www.tpub-products.com/archive/?../../subscribers/./Administration/Naval_Administration/main.htm?../../subscribers/./Administration/Naval_Administration/main.htm
Title: Click Here to

Search URL Search Domain Scan URL

URL: http://www.tpub-products.com/archive/?../../subscribers/./Administration/Naval_Administration/main.htm

Search URL Search Domain Scan URL

URL: http://www.google.com/

Search URL Search Domain Scan URL

URL: https://www.tpub.com/contact.htm

Search URL Search Domain Scan URL

URL: https://www.tpub.com/
Title: Home

Search URL Search Domain Scan URL

URL: https://advancement.tpub.com/
Title: Advancement

Search URL Search Domain Scan URL

URL: https://www.tpub.com/meteorology.htm
Title: Aerographer

Search URL Search Domain Scan URL

URL: https://www.tpub.com/automotive.htm
Title: Automotive

Search URL Search Domain Scan URL

URL: https://www.tpub.com/aviation1.htm
Title: Aviation

Search URL Search Domain Scan URL

URL: https://www.tpub.com/combat.htm
Title: Combat

Search URL Search Domain Scan URL

URL: https://www.tpub.com/construction.htm
Title: Construction

Search URL Search Domain Scan URL

URL: https://navydiving.tpub.com/
Title: Diving

Search URL Search Domain Scan URL

URL: https://draftingmanuals.tpub.com/
Title: Draftsman

Search URL Search Domain Scan URL

URL: https://engineeringtraining.tpub.com/
Title: Engineering

Search URL Search Domain Scan URL

URL: https://www.tpub.com/electronics.htm
Title: Electronics

Search URL Search Domain Scan URL

URL: https://bulkfoodrecipes.tpub.com/
Title: Food and Cooking

Search URL Search Domain Scan URL

URL: https://mathematics.tpub.com/
Title: Math

Search URL Search Domain Scan URL

URL: https://www.tpub.com/medical1.htm
Title: Medical

Search URL Search Domain Scan URL

URL: https://music.tpub.com/
Title: Music

Search URL Search Domain Scan URL

URL: https://nuclearpowertraining.tpub.com/
Title: Nuclear Fundamentals

Search URL Search Domain Scan URL

URL: https://photographymanuals.tpub.com/
Title: Photography

Search URL Search Domain Scan URL

URL: https://religionmanuals.tpub.com/
Title: Religion

Search URL Search Domain Scan URL

URL: https://www.tpub.com/cds
Title: Educational CD-ROM's

Search URL Search Domain Scan URL

URL: http://www.tpub-products.com/archive
Title: Downloadable Books

Search URL Search Domain Scan URL

URL: http://www.tpub-testing.com/

Search URL Search Domain Scan URL

URL: https://www.tpub.com/privacy.htm
Title: Privacy Statement

Search URL Search Domain Scan URL

URL: https://www.tpub.com/index/index.htm
Title: Press Release

Search URL Search Domain Scan URL

URL: https://www.tpub.com/copyright.htm
Title: Copyright Information.

Search URL Search Domain Scan URL

URL: https://www.tpub.com/sponsor/index.htm
Title: Support Integrated Publishing

Search URL Search Domain Scan URL

URL: http://www.tpub.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://navyadministration.tpub.com/ HTTP 301
https://navyadministration.tpub.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=960039150&utmhn=navyadministration.tpub.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Navy%20Administration%20Training%20Manuals&utmhid=1338788145&utmr=-&utmp=%2F&utmht=1709807201540&utmac=UA-557784-1&utmcc=__utma%3D239192774.1786054042.1709807202.1709807202.1709807202.1%3B%2B__utmz%3D239192774.1709807202.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=787035&utmredir=1&utmu=qBAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-557784-1&cid=1786054042.1709807202&jid=787035&_v=5.7.2&z=960039150

91 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
navyadministration.tpub.com/
Redirect Chain

http://navyadministration.tpub.com/
https://navyadministration.tpub.com/

56 KB
10 KB

388ms
129ms

Document
text/html

47.206.86.53
FRONTIER-FRTR

General

Check archive.org

Show headers Download Go to

Full URL: https://navyadministration.tpub.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 47.206.86.53 New Port Richey, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS: static-47-206-86-53.tamp.fl.frontiernet.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 6f020e05b2c91895887f196c6278224dbb4ca575175070e41d2e30aa38bd8395

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Length: 9622
Content-Type: text/html; charset=UTF-8
Date: Thu, 07 Mar 2024 10:26:41 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: Keep-Alive
Content-Length: 337
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 07 Mar 2024 10:26:41 GMT
Keep-Alive: timeout=5, max=100
Location: https://navyadministration.tpub.com/
Server: Apache/2.4.38 (Debian)

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 148 KB
51 KB 70ms
50ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3b7e63f79a4466b336f5bfba0f9486b905b0a9ea5d434f07d1c560cbf73d5884

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51263
x-xss-protection: 0
server: cafe
etag: 2286085822461662697
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Thu, 07 Mar 2024 10:26:41 GMT

GET
H/1.1 200
OK title.jpg
navyadministration.tpub.com/ 19 KB
19 KB 127ms
126ms Image
image/jpeg 47.206.86.53
FRONTIER-FRTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://navyadministration.tpub.com/title.jpg
Requested by: Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 47.206.86.53 New Port Richey, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS: static-47-206-86-53.tamp.fl.frontiernet.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 06ba1f01ef5e0a32dc3f24aa29356430fe95be6879f4fbc8a602c51c1718dfb5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Thu, 07 Mar 2024 10:26:41 GMT
Last-Modified: Sun, 13 Apr 2014 01:04:06 GMT
Server: Apache/2.4.38 (Debian)
ETag: "4cd9-4f6e224b92d80"
Content-Type: image/jpeg
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 19673

GET
H/1.1 200
OK pdf.gif
www.tpub.com/ 725 B
1010 B 485ms
133ms Image
image/gif 47.206.86.53
FRONTIER-FRTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tpub.com/pdf.gif
Requested by: Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 47.206.86.53 New Port Richey, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS: static-47-206-86-53.tamp.fl.frontiernet.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 5a8a10fc4e3810b67ab5d55dd51de0d4f6d5d9fe9250cdca17037b6aa310de80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Thu, 07 Mar 2024 10:26:41 GMT
Last-Modified: Sun, 24 Sep 2006 04:13:13 GMT
Server: Apache/2.4.38 (Debian)
ETag: "2d5-41e2b4aba6840"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 725

GET
H2 200 Logo_25wht.gif
www.google.com/logos/ 2 KB
2 KB 59ms
38ms Image
image/gif 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/logos/Logo_25wht.gif

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4488333adcd7deb7572caaa680e1a4d9df638ed0738f20b064408fd67fac9428

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:41 GMT
x-content-type-options: nosniff
last-modified: Thu, 03 Oct 2019 12:00:00 GMT
server: sffe
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/gif
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1607
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Thu, 07 Mar 2024 10:26:41 GMT

GET
H/1.1 200
OK partstopleft.gif
www.tpub.com/ 2 KB
2 KB 501ms
135ms Image
image/gif 47.206.86.53
FRONTIER-FRTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tpub.com/partstopleft.gif
Requested by: Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 47.206.86.53 New Port Richey, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS: static-47-206-86-53.tamp.fl.frontiernet.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 851f979057e063a62adb3cc28198e8ff23f08e5dddc49851ff1bf35922efb7a4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Thu, 07 Mar 2024 10:26:41 GMT
Last-Modified: Thu, 17 May 2007 11:27:57 GMT
Server: Apache/2.4.38 (Debian)
ETag: "8d6-430a8c229c940"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 2262

GET
H/1.1 200
OK certified.gif
www.tpub.com/ 4 KB
4 KB 488ms
134ms Image
image/gif 47.206.86.53
FRONTIER-FRTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tpub.com/certified.gif
Requested by: Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 47.206.86.53 New Port Richey, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS: static-47-206-86-53.tamp.fl.frontiernet.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: fe804efafab06c80d1e96082d3c36d84570b5ca193ae53251b28ea94e42ac0ba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Thu, 07 Mar 2024 10:26:41 GMT
Last-Modified: Sat, 13 May 2006 03:28:56 GMT
Server: Apache/2.4.38 (Debian)
ETag: "105e-413a30d9f8e00"
Content-Type: image/gif
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 4190

GET
H/1.1 200
OK 75logo.png
www.tpub.com/ 2 KB
2 KB 495ms
136ms Image
image/png 47.206.86.53
FRONTIER-FRTR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tpub.com/75logo.png
Requested by: Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 47.206.86.53 New Port Richey, United States, ASN5650 (FRONTIER-FRTR, US),
Reverse DNS: static-47-206-86-53.tamp.fl.frontiernet.net
Software: Apache/2.4.38 (Debian) /
Resource Hash: 62221513bd6ecf4c132a98886c22917a6870b0f419982c25ea619340f48c2bbc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Date: Thu, 07 Mar 2024 10:26:41 GMT
Last-Modified: Thu, 13 Aug 2015 09:00:12 GMT
Server: Apache/2.4.38 (Debian)
ETag: "778-51d2d901b5f00"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1912

GET mobile.css
www.tpub.com/ 0
0

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:810::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 07 Mar 2024 09:54:57 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 1904
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17168
expires: Thu, 07 Mar 2024 11:54:57 GMT

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2

200

collect
stats.g.doubleclick.net/r/
Redirect Chain

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=960039150&utmhn=navyadministration.tpub.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-...
https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-557784-1&cid=1786054042.1709807202&jid=787035&_v=5.7.2&z=960039150

35 B
337 B

63ms
21ms

Image
image/gif

2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-557784-1&cid=1786054042.1709807202&jid=787035&_v=5.7.2&z=960039150

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 07 Mar 2024 10:26:41 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Thu, 07 Mar 2024 10:26:41 GMT
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/html; charset=UTF-8
location: https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-557784-1&cid=1786054042.1709807202&jid=787035&_v=5.7.2&z=960039150
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 364
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/ 405 KB
137 KB 65ms
65ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8029680191306394&plah=navyadministration.tpub.com&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

125d29c641c2703341ae3d24cc9a25063a23f80c08407876f007a9c4e9a627b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:41 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140471
x-xss-protection: 0
server: cafe
etag: 15278352187315444574
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 10:26:41 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/ Frame AEB3 9 KB
4 KB 32ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://navyadministration.tpub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11493
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 07:15:08 GMT
etag: 5035419970550746386
expires: Thu, 21 Mar 2024 07:15:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame B367 238 KB
60 KB 455ms
455ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8029680191306394&output=html&adk=1812271804&adf=3025194257&lmt=1709807201&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fnavyadministration.tpub.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20~21&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709807201580&bpp=7&bdt=92&idt=204&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=964848357680&frm=20&pv=2&ga_vid=1844916422.1709807202&ga_sid=1709807202&ga_hid=1338788145&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44798934%2C95322746%2C95325752%2C95323761%2C95321865%2C95324160%2C95325785%2C95326431%2C95326936&oid=2&pvsid=2418207218918721&tmod=515364894&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8029680191306394&plah=navyadministration.tpub.com&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c8e184db8ab383f96ca519bd6b6926801b3a955765dfea989b0d28d5b7e3ce1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://navyadministration.tpub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 60977
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 10:26:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74B3 35 KB
14 KB 194ms
194ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8029680191306394&output=html&h=280&adk=4070374814&adf=1951942945&pi=t.aa~a.3082258534~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709807201&rafmt=1&to=qs&pwprc=6135623729&format=1200x280&url=https%3A%2F%2Fnavyadministration.tpub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709807201587&bpp=1&bdt=99&idt=220&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=964848357680&frm=20&pv=1&ga_vid=1844916422.1709807202&ga_sid=1709807202&ga_hid=1338788145&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44798934%2C95322746%2C95325752%2C95323761%2C95321865%2C95324160%2C95325785%2C95326431%2C95326936&oid=2&pvsid=2418207218918721&tmod=515364894&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=222

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

87dc05646a87ec6de8fd11282a672082c5ee940c9d0b49a73a1b409fea6f2a01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://navyadministration.tpub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14224
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 10:26:42 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 74B3 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8029680191306394&output=html&h=280&adk=4070374814&adf=1951942945&pi=t.aa~a.3082258534~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709807201&rafmt=1&to=qs&pwprc=6135623729&format=1200x280&url=https%3A%2F%2Fnavyadministration.tpub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709807201587&bpp=1&bdt=99&idt=220&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=964848357680&frm=20&pv=1&ga_vid=1844916422.1709807202&ga_sid=1709807202&ga_hid=1338788145&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44798934%2C95322746%2C95325752%2C95323761%2C95321865%2C95324160%2C95325785%2C95326431%2C95326936&oid=2&pvsid=2418207218918721&tmod=515364894&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=222

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:16:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 74B3 20 KB
8 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 14:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:42:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 74B3 207 KB
63 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64070
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 11:16:29 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame B6B6 129 KB
46 KB 99ms
54ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZemWYQAM_8kDohCRAA7BLMsLsHDvDJylnZkgzg&u=%7CFodTPVBpBeuB6ewHiAs8dRaxKDuZLmjXXNT0H4OLKCU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8S6ub-dpiYZSE6qiEwejXibAsPntX_K8EsqsJLfLEWMrPVDFms68oDZCA5kCPMUSPltFhg_ktiG3VJ9gJTW8U4KhntPaEMUDTwBipMrp5AztXmeTOqmcpvjVezkPaXj2fC_epIqC9HgDs6o7Uvj0aYBVroN3S3kN__x4BAeNX8IUfM4ruwJ8NFzUxFbMMOxUXQXI92S9c3u_AmKD7nwblQItXkQst0JqRZ7J80-k5U7-zATUSkITvjhiz84OyhqXaud3jfS43mLMOBaiKWjc8sBbvs3GQwgVHwAh1LpQ7_35ZRCQgzxBjDiyv0BnqfBbrlutpoVvV0vEbFc1c5FJiqRsWkdOKNIXq8rFY2BwdWtBJjvm0UuGF1X7Tjh865NyC9upPooglp3OO7a9Rq07QZEWVvUvc3mqs9KP-vmlj60wXhhDYk-5u3M7NU5DdLAtQJvf3ElHC7KFVY7dBY5YBMpJYuOMui8Fvuwd1r6X3UbKmHenwbjv2Z6_csbZDGag8RjaHduhr6kSz6Z8GuVFJSRu9Vy5EqwaF8rvOZ6og0RIeFNQ8F1KQSNgvrjHUdWGdE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjuCTYZbpZcn_M5GhiM0PrIK78A7JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwMjk2ODAxOTEzMDYzOTTIAQmpAp2Ka-hlSLI-qAMByAMCqgTgAU_QtGuzeJR_ecy2SzOl7nl0ctVpwnaZhiWo0-uHpWu4e9_HD_zASZFqwyi4C-gfVjfX9FopbMepPnNjaY5vjhBd2qzDXq4PrVf5MK4YK0gmIVOdGHFYcjv3HIpPxqmwU19z5epKsiGl2QLBoU7aN-AQMoouo-5geePHI_2AxpAwl-2ZJhtv3ZUEWAN2piG3zX6GHw_1HtIalq2tlBaFpHIFcqlZyFVNez_Ldl-zUaUsP73F-ZQrC-_JCjoBM_5nUZrkTyldSWGmf9inzCFn5gfJ6Qlgh4Ec3U3u7r8leQfVgAau1Zujnafm7CigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggpCJHhgHAQATIH64uA4L-ADToJgECAgICAgJQoSL39wTpYqfmYl_jhhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2D9b6xcrExPPvl2veIiWzjCxordA%26client%3Dca-pub-8029680191306394%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

6b2ae81abbb44934d64f6d7237ebde5af048c1af905177c5424973e937a4633d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 10:26:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=wZ6FUM0P3BhjqOlvjcyZGwN8r_XnUwv-tPIJC047hB_Ym1OnX_qwbHQiwHlJsarGYIA-zMAhH32ihzUWn_JdigEGz0YVCxKsi4jPvO1s3vjfKYegRXDMgqTL9kKe-f-a9sd5PNMhlX3C_ssURhKpjxulyuG3o3LKjtNzVYilQV2b3mXiVgqUc_MvVKHU4MxAttKFK94pPFJenaFwZaW2KoHnzxuTuvzPviv85KvWnA03e39LlM2v6jpyhLCTBh-yuzFsuw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 37160850
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 74B3 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4c815909df9dc0afe5071b80daaace57c1e0b8cca29395a42fadb7e1e38ebe63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 74B3 0
19 B 41ms
41ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C4BWdYZbpZcn_M5GhiM0PrIK78A7JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwMjk2ODAxOTEzMDYzOTTIAQmpAp2Ka-hlSLI-qAMByAMCqgTdAU_QtGuzeJR_ecy2SzOl7nl0ctVpwnaZhiWo0-uHpWu4e9_HD_zASZFqwyi4C-gfVjfX9FopbMepPnNjaY5vjhBd2qzDXq4PrVf5MK4YK0gmIVOdGHFYcjv3HIpPxqmwU19z5epKsiGl2QLBoU7aN-AQMoouo-5geePHI_2AxpAwl-2ZJhtv3ZUEWAN2piG3zX6GHw_1HtIalq2tlBaFpHIFcqlZyFVNez_Ldl-zUaUsP73F-ZQrC63LK6iBoC5a90rDlaV9oMWoWNIRxg9_ZLMB1K-SOJ8wxdUkep_MgAau1Zujnafm7CigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggpCJHhgHAQATIH64uA4L-ADToJgECAgICAgJQoSL39wTpYqfmYl_jhhAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItODAyOTY4MDE5MTMwNjM5NBgA&sigh=UD6XCXLEUYQ&uach_m=%5BUACH%5D&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8029680191306394&output=html&h=280&adk=4070374814&adf=1951942945&pi=t.aa~a.3082258534~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709807201&rafmt=1&to=qs&pwprc=6135623729&format=1200x280&url=https%3A%2F%2Fnavyadministration.tpub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709807201587&bpp=1&bdt=99&idt=220&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=964848357680&frm=20&pv=1&ga_vid=1844916422.1709807202&ga_sid=1709807202&ga_hid=1338788145&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44798934%2C95322746%2C95325752%2C95323761%2C95321865%2C95324160%2C95325785%2C95326431%2C95326936&oid=2&pvsid=2418207218918721&tmod=515364894&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=222
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Mar 2024 10:26:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 74B3 0
126 B 58ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=mJueF8z6RLAJmAKdg2ICAgAAALIxqwFzqhpXEGGW6WXP48kJ8kq0r7eDAAASAAAKCkFRVURBUUVQQVE3_Zf3gqe7skEv08RLTtCo&wp=ZemWYQAM_8kDohCRAA7BLMsLsHDvDJylnZkgzg&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158285
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame B6B6 2 KB
1 KB 40ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZemWYQAM_8kDohCRAA7BLMsLsHDvDJylnZkgzg&u=%7CFodTPVBpBeuB6ewHiAs8dRaxKDuZLmjXXNT0H4OLKCU%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8S6ub-dpiYZSE6qiEwejXibAsPntX_K8EsqsJLfLEWMrPVDFms68oDZCA5kCPMUSPltFhg_ktiG3VJ9gJTW8U4KhntPaEMUDTwBipMrp5AztXmeTOqmcpvjVezkPaXj2fC_epIqC9HgDs6o7Uvj0aYBVroN3S3kN__x4BAeNX8IUfM4ruwJ8NFzUxFbMMOxUXQXI92S9c3u_AmKD7nwblQItXkQst0JqRZ7J80-k5U7-zATUSkITvjhiz84OyhqXaud3jfS43mLMOBaiKWjc8sBbvs3GQwgVHwAh1LpQ7_35ZRCQgzxBjDiyv0BnqfBbrlutpoVvV0vEbFc1c5FJiqRsWkdOKNIXq8rFY2BwdWtBJjvm0UuGF1X7Tjh865NyC9upPooglp3OO7a9Rq07QZEWVvUvc3mqs9KP-vmlj60wXhhDYk-5u3M7NU5DdLAtQJvf3ElHC7KFVY7dBY5YBMpJYuOMui8Fvuwd1r6X3UbKmHenwbjv2Z6_csbZDGag8RjaHduhr6kSz6Z8GuVFJSRu9Vy5EqwaF8rvOZ6og0RIeFNQ8F1KQSNgvrjHUdWGdE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCjuCTYZbpZcn_M5GhiM0PrIK78A7JntKxXPXalvdwwI23ARABIABgleKQgqAHggEXY2EtcHViLTgwMjk2ODAxOTEzMDYzOTTIAQmpAp2Ka-hlSLI-qAMByAMCqgTgAU_QtGuzeJR_ecy2SzOl7nl0ctVpwnaZhiWo0-uHpWu4e9_HD_zASZFqwyi4C-gfVjfX9FopbMepPnNjaY5vjhBd2qzDXq4PrVf5MK4YK0gmIVOdGHFYcjv3HIpPxqmwU19z5epKsiGl2QLBoU7aN-AQMoouo-5geePHI_2AxpAwl-2ZJhtv3ZUEWAN2piG3zX6GHw_1HtIalq2tlBaFpHIFcqlZyFVNez_Ldl-zUaUsP73F-ZQrC-_JCjoBM_5nUZrkTyldSWGmf9inzCFn5gfJ6Qlgh4Ec3U3u7r8leQfVgAau1Zujnafm7CigBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggpCJHhgHAQATIH64uA4L-ADToJgECAgICAgJQoSL39wTpYqfmYl_jhhAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2D9b6xcrExPPvl2veIiWzjCxordA%26client%3Dca-pub-8029680191306394%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame B6B6 2 KB
1 KB 42ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame B6B6 308 B
636 B 39ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame B6B6 293 B
621 B 49ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame B6B6 43 B
348 B 59ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Oia9h_RGndcqH72k13QkISns5Pr8AbBxJ3WkWbG7WRFBqr2Rd7KAUWjUOXyeYJn0wXcbfEM0LlkSXiFIuWuc7aGG40lVu_61PQ5J5z93b_IXJ_2mjndkB4WuKGgZR-NxStbhb45OkXMd_vDb1m9m5vI_TTcsKb7EowrVg_XYX60PM603IZhnm8PmZsz9cGW1kru2zL3i6pMYDNPcoaaZCcCYKlJV7IdbfjXCQoMRrJC749SbR_PiFDEgPMEYc9KIEPcaKekPjF0O-XWh2pbiWn0hLWi6Ux3cv5pAhV8YxhXl_bY05Y0QCshsB2dx0L9jL0iAUwxkqbvhVh3QdMsUsUinESWA1Bgl5NGt6PxfoznSFlMN2DJTws4WrMzTqweOyS8NMNvE_EKP1Ft1shobokxxbV26uzl7eh9nTEeHTwJSifaHeqei_dGKwOKhlydK94eliw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 10:26:41 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1577849
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame B6B6 12 KB
5 KB 33ms
16ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 62112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xxg%2F85%2ByjF9I2zYU0n7BLW5fokQHCIp3yRcZi1MkorPRODbnT6k4M%2B2SX4cCq3xgwD1gFa%2BXek4RN1Tom%2FGaT216auztputT7krRJQxOplWB9UKU%2Bkod4iw%2B1P72afH8VnyWbNkaF6SmKJgrtz%2FBTEoV"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8609e3856cab8ef5-FRA
expires: Tue, 25 Feb 2025 10:26:42 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame B6B6 12 KB
6 KB 30ms
16ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B6B6 10 KB
10 KB 72ms
29ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=38751&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F38751%2F5269491%2F463eb64fcbe24d8489038776967c41b8_vertical_logo.png&v=3&w=196&rid=4&s=7zhLekGvLL9KrqpRxS28MDN6

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

583689e16176622ae5aaab300eb58ac97a2f55df2a45f299de3715b4971165e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10094
expires: Tue, 25 Feb 2025 03:58:17 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B6B6 158 KB
158 KB 78ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=38751&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F38751%2F5336453%2F5aa650a64f9443438dc2a8b18f3c8a04_img_horizontal_1.jpg&v=3&w=1200&rid=4&s=7PUSvE2rHgQ2XuzR-1M8eS29

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb11fc1ffc08a7b94a71eae3b803957bc417fff43617e779e31b2f6c78a5bb9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 161454
expires: Sat, 01 Mar 2025 16:31:36 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame B6B6 15 KB
16 KB 69ms
26ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?cq=256&h=800&m=0&partner=38751&q=80&r=0&u=https%3A%2F%2Fcloud.camper.com%2Fis%2Fimage%2FJGNhbXBlcjgwMCQ%3D%2FK201630-002_F.jpg&v=3&w=800&rid=4&s=OIgd_bmgeLk87VprLmaA55_3&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2945263a023c2b281de3ec6d41b340887ac118a1596bc4e92cce03c7165be76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:41 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=259200
timing-allow-origin: *
content-length: 15826
expires: Sat, 09 Mar 2024 13:08:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame B6B6 0
128 B 38ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=wZ6FUM0P3BhjqOlvjcyZGwN8r_XnUwv-tPIJC047hB_Ym1OnX_qwbHQiwHlJsarGYIA-zMAhH32ihzUWn_JdigEGz0YVCxKsi4jPvO1s3vjfKYegRXDMgqTL9kKe-f-a9sd5PNMhlX3C_ssURhKpjxulyuG3o3LKjtNzVYilQV2b3mXiVgqUc_MvVKHU4MxAttKFK94pPFJenaFwZaW2KoHnzxuTuvzPviv85KvWnA03e39LlM2v6jpyhLCTBh-yuzFsuw&sds=2&rev=91031&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Mar 2024 10:26:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame B6B6 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame B6B6 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame B6B6 682 B
665 B 15ms
13ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame B6B6 682 B
665 B 16ms
14ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame B6B6 23 KB
23 KB 57ms
32ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame B6B6 23 KB
23 KB 40ms
24ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 63ms
49ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240306&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

99d9c85bdaf58542d0989fbab9356b955819f98452a0482931121f2fb72d28cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12373
x-xss-protection: 0

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/ 166 KB
56 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402290101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f7c783200e24f0e5af3aa837d20bac64ee63841933aadc74f594fcb79ca360d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57313
x-xss-protection: 0
server: cafe
etag: 12205672769841880647
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 10:26:42 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame 9A36 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://navyadministration.tpub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 07:15:33 GMT
etag: 5035419970550746386
expires: Thu, 21 Mar 2024 07:15:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/ Frame E6FE 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://navyadministration.tpub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 11469
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 07:15:33 GMT
etag: 5035419970550746386
expires: Thu, 21 Mar 2024 07:15:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 75ms
54ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 07 Mar 2024 10:26:42 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 3041 14 KB
2 KB 40ms
18ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Thu, 07 Mar 2024 09:28:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 07 Mar 2024 10:26:42 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 3041 2 KB
822 B 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 14:55:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 70288
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:55:14 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/ Frame 3041 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/abg_lite_fy2021.js

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:16:29 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 3041 3 KB
1 KB 9ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:16:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame 3041 20 KB
8 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 14:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:42:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 3041 207 KB
63 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64070
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 11:16:29 GMT

GET
H2 200 fae6ba9c9cb9ec876bbde5988f04c6f7.js Show response
www.gstatic.com/mysidia/ Frame 3041 36 KB
15 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/fae6ba9c9cb9ec876bbde5988f04c6f7.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 22:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 215174
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15132
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 22:04:59 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 22:40:28 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/ Frame 9A36 15 KB
6 KB 12ms
12ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a1433553dad10b1617e945447ce8d2a7a4ce6542ad50fdb8b563f85560cbc3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 21:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 9518204868993021864
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:21:36 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9A36 205 B
520 B 31ms
9ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:20 GMT
x-content-type-options: nosniff
age: 226462
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Mar 2025 19:32:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 9A36 604 B
696 B 32ms
10ms Image
image/png 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 08:52:35 GMT
x-content-type-options: nosniff
age: 178447
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 05 Mar 2025 08:52:35 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/ Frame 9A36 22 KB
9 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 21:21:36 GMT
content-encoding: br
x-content-type-options: nosniff
age: 47106
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 21:21:36 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 9B02 160 KB
51 KB 71ms
62ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZemWYQANj8UKZNrmAAsS46yWa-vC5Cgn3U1Zow&u=%7CBVcHE60kWJB%2B310rg%2FoDHotI7Pmm3bcwzcqAnYRPfss%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8S6ub-dpiYZSE6qiEwejXibNUlff6_MTu5qfuSL6aPvgHMoUQEPpXpFz5fNtrH1n1RN51_KOdNGUkkLauQdCVtZfu52OJbSkpKvxzrjppBKmsi7f31nQMk8JK_v0r0YVn5lvm69AkRJNNSBRRfokikxD8OKTYPtGm1yFmgTNP-Eda_eKnkQeQWt6A0NMVpZ1hXJlKGb9dCKvc1zAmFAtS1fxqha_48ODCjwNrK9D_7uNZa-G_hB_-L5qMehlHlaz2lNKyrfA38qx4mch-JSJDMOa55GL_mFBZ_C9k226mnlCZCA2ppoEY3B7c_XBko2L-W8fMnkRw0Mm7JNkXP-VOubmktXkS52-f8OiMUs56O-hyz-tD75w9xlCd-WSBCpU4lSbhkXn9MjKdtN3DXDy8N3KYb1ZenjiWXASnuYrZPQgec8b3hmcQTBoqK0VQtJR-USlb0AYhGzPH2gmHs0qflN-5Eg2z32WQl8dg5SnmaqoXKuyuh7ujy9dS5eXwdkl6au1Hbx_fiFTAXYOpZMZJW7vDMRnKe8aIVvHbE8iMNoDKPWyqUaM3N-i0wyBRhGF4A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsTvYZbpZcWfNua1kwPjpazgCMme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODAyOTY4MDE5MTMwNjM5NMgBCakCnYpr6GVIsj6oAwHIAwKqBNQBT9AtngwxI86LSnZjVW5s0T3afbxhLmIlQKfbo0jlX_47BWm3olEYHAS6rCHwmj9C-vxKOY0_AGLN5mF9gbbp-KTwD2kz6cp93lQivH1PMM14_cu_L7WJv0WdHPGm1TAoZ2-jzDJzaPCsXWaDnjVDHLeKnY0CKy-S9JwSc6604SoI6dHm24DqgmSyJZ3i-jMqpAQce2xPjW9ksl7abOC3-_-92GGuMhBSZx_W4e790sa1U7W616M6j5peo_FlOEOSqkSp-QKKWGHwu_2Vik9EW8e_g-qABq7Vm6Odp-bsKKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCkIkeGAcBABMgfri4Dgv4ANOgmAQICAgICAlChIvf3BOljGoJiX-OGEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1JXAY-QQoBDCLaR-HsXee8KVGZkA%26client%3Dca-pub-8029680191306394%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0203fe0f1114b98d0913f69652f9bf0331292250a7017bdf0285639f5e544790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 10:26:41 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=HgooG80P3BhjqOlvg0OanjEvYFTQdbpH5_BlNENrltk5NfiLeDB9-WB2sLF93TUP-LIj3gj4OkKNM-AF9RMt5a6rw6ENW_dQNJNQibc3t2JH-M7fURCq0qoy8kb3vbgdStL3V4SaD_dyw0rFNFbxaA9ahgaxUC3K4WD7h14qGzSv8Qp3qBJoK-7P1AT7X-gsp_SdOViwf05LOYOFTdaGXX119ZZbFJ3Vv3__QQO7dlV7iu_vgzgm7q6gxwe5G55uhuYgcw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 48070177
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame E6FE 3 KB
1 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 21 Mar 2024 10:16:29 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/ Frame E6FE 20 KB
8 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240306/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Wed, 06 Mar 2024 14:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
age: 71054
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8212
x-xss-protection: 0
server: cafe
etag: 9277691884081322989
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 20 Mar 2024 14:42:28 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame E6FE 207 KB
63 KB 13ms
8ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 613
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64070
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 07 Mar 2024 11:16:29 GMT

GET
DATA 200
OK truncated
/ Frame E6FE 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb0b16ae9ff799399d76502e6377e1b36f92278d7ff31497309ecf22ade9af37

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame E6FE 0
19 B 41ms
40ms Image
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=COf8XYZbpZcWfNua1kwPjpazgCMme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODAyOTY4MDE5MTMwNjM5NMgBCakCnYpr6GVIsj6oAwHIAwKqBNEBT9AtngwxI86LSnZjVW5s0T3afbxhLmIlQKfbo0jlX_47BWm3olEYHAS6rCHwmj9C-vxKOY0_AGLN5mF9gbbp-KTwD2kz6cp93lQivH1PMM14_cu_L7WJv0WdHPGm1TAoZ2-jzDJzaPCsXWaDnjVDHLeKnY0CKy-S9JwSc6604SoI6dHm24DqgmSyJZ3i-jMqpAQce2xPjW9ksl7abOC3-_-92GGuMhBSZx_Wo-zcQEYmg4gcB4TgA7q3B_9CMvWYhFwrTcq3_pNPpdGNEoXQey6ABq7Vm6Odp-bsKKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCkIkeGAcBABMgfri4Dgv4ANOgmAQICAgICAlChIvf3BOljGoJiX-OGEA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04MDI5NjgwMTkxMzA2Mzk0GAA&sigh=3rXlBcIUN90&uach_m=%5BUACH%5D&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 07 Mar 2024 10:26:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame E6FE 0
125 B 13ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=mJueF8z6RO0HfJ2DYgICAAAAsjGrAXOqGlcQYZbpZd0HR3K7_zt61OMAABIAAAoKQVFVREFRRUJBUTf9l_eCp7uyQS_TxEtO0Kg&wp=ZemWYQANj8UKZNrmAAsS46yWa-vC5Cgn3U1Zow&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240306/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:41 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 109083
server: Kestrel
content-length: 0

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 3C80 13 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://navyadministration.tpub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5141
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 09:01:01 GMT
expires: Fri, 07 Mar 2025 09:01:01 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7DCC 829 B
990 B 17ms
16ms Document
text/html 2a00:1450:4001:810::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cbb1856f508f4b3a6b0e0b7ab4db422388512751ad3e740a206655f1ec61c70f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-87VW8uioAZ-0Q-ytbQ3_XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://navyadministration.tpub.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-87VW8uioAZ-0Q-ytbQ3_XQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 07 Mar 2024 10:26:42 GMT
expires: Thu, 07 Mar 2024 10:26:42 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js Show response
pagead2.googlesyndication.com/bg/ Frame BE87 51 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1zgHIv7PRgG-iYsx4Mp4gQSytzfgI2cd0hh8WxdX2bs.js

Requested by

Host: navyadministration.tpub.com
URL: https://navyadministration.tpub.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d7380722fecf4601be898b31e0ca788104b2b737e023671dd2187c5b1757d9bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 03:18:35 GMT
content-encoding: br
x-content-type-options: nosniff
age: 198487
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20147
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 05 Mar 2025 03:18:35 GMT

GET
H3 200 O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js Show response
pagead2.googlesyndication.com/bg/ Frame 3C80 39 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/O8T1Km08OhS5_Tz58jKeajrFynp-IyfJlJwKv1268Sc.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:16:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 613
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15541
x-xss-protection: 0
last-modified: Mon, 04 Mar 2024 15:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 07 Mar 2025 10:16:29 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 9B02 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZemWYQANj8UKZNrmAAsS46yWa-vC5Cgn3U1Zow&u=%7CBVcHE60kWJB%2B310rg%2FoDHotI7Pmm3bcwzcqAnYRPfss%3D%7C&c1=jWCgqsKSUoV3SMf7iUfSyN9Zdtl6nAKbFqSqspWYQC9xOVhUoU3KHrt8RCBjLG-FmsP6T4c8_8S6ub-dpiYZSE6qiEwejXibNUlff6_MTu5qfuSL6aPvgHMoUQEPpXpFz5fNtrH1n1RN51_KOdNGUkkLauQdCVtZfu52OJbSkpKvxzrjppBKmsi7f31nQMk8JK_v0r0YVn5lvm69AkRJNNSBRRfokikxD8OKTYPtGm1yFmgTNP-Eda_eKnkQeQWt6A0NMVpZ1hXJlKGb9dCKvc1zAmFAtS1fxqha_48ODCjwNrK9D_7uNZa-G_hB_-L5qMehlHlaz2lNKyrfA38qx4mch-JSJDMOa55GL_mFBZ_C9k226mnlCZCA2ppoEY3B7c_XBko2L-W8fMnkRw0Mm7JNkXP-VOubmktXkS52-f8OiMUs56O-hyz-tD75w9xlCd-WSBCpU4lSbhkXn9MjKdtN3DXDy8N3KYb1ZenjiWXASnuYrZPQgec8b3hmcQTBoqK0VQtJR-USlb0AYhGzPH2gmHs0qflN-5Eg2z32WQl8dg5SnmaqoXKuyuh7ujy9dS5eXwdkl6au1Hbx_fiFTAXYOpZMZJW7vDMRnKe8aIVvHbE8iMNoDKPWyqUaM3N-i0wyBRhGF4A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCXsTvYZbpZcWfNua1kwPjpazgCMme0rFc9dqW93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItODAyOTY4MDE5MTMwNjM5NMgBCakCnYpr6GVIsj6oAwHIAwKqBNQBT9AtngwxI86LSnZjVW5s0T3afbxhLmIlQKfbo0jlX_47BWm3olEYHAS6rCHwmj9C-vxKOY0_AGLN5mF9gbbp-KTwD2kz6cp93lQivH1PMM14_cu_L7WJv0WdHPGm1TAoZ2-jzDJzaPCsXWaDnjVDHLeKnY0CKy-S9JwSc6604SoI6dHm24DqgmSyJZ3i-jMqpAQce2xPjW9ksl7abOC3-_-92GGuMhBSZx_W4e790sa1U7W616M6j5peo_FlOEOSqkSp-QKKWGHwu_2Vik9EW8e_g-qABq7Vm6Odp-bsKKAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQKoB62-sQLYBwDSCCkIkeGAcBABMgfri4Dgv4ANOgmAQICAgICAlChIvf3BOljGoJiX-OGEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_1JXAY-QQoBDCLaR-HsXee8KVGZkA%26client%3Dca-pub-8029680191306394%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 9B02 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 9B02 308 B
636 B 17ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 9B02 293 B
621 B 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 9B02 43 B
347 B 16ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Kvhk9JpYwnD6vjFtEAUNdbwtXYvBbhX2xnxPCAYsfV9-y-xD3IUWJSuk9I4EhkzkmhCGQchsThN7PS9S0ICU7fd1vqSdWafJN_9ssZNVEx6oD_FA25zu3Dq_lM7kU3oy6j9ox-w6NWAXXYU6U6YqoaG5bVDGC6xXBbItfqN-17xS8PqnqWagjMHOe_YnuNc8KQwl59Jfbm3qxY7YBEZ8dTGNAoBDAjhFxnyvneI-RAXd1sNIHqFRP8_o83wUUYgrrKiOV2uVuJjhe9sKQ-bliDlpokZME4p-sr0pNK8OG8PBl7xXbArBrg7DiuNFhBn_zmkTHpRdwakimuGlSpi9CKl3Miw5OLCITI4xgwiiKHcKAWzaIuOpFarDbbOlGpq9iawJfrvnURcEpsJIyWSWJUhtlsckHD44fMnTgx4r-1BJSfXHDfO9BQkJrz9Y1HQU5yOXUA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1682233
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 9B02 12 KB
5 KB 19ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 62112
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rHg%2FiMpWgwQY7H6JahCHDBnDtbgWyrodt9w7sgBBezhyC9rCZpuV9DyzDG4JZhWnlXVol2W4ea%2FFqEzeScy8chCFS8JRYG%2BGZN70XCFtOUlPbsF%2BttKlGdzCloCAEZ5BTuvn6%2BwHdrmwqYP7ptRC0fKB"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8609e387aff88ef5-FRA
expires: Tue, 25 Feb 2025 10:26:42 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 9B02 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 005LXBl9lDHB2CwEM3UocX1OtvAj2M9glL0J04PiJT6xSQyh2bXevpws80VUhPEbKP8fighA0XR868d79iRNnqqgxwOq7kTT8e4GuvYVjZo9L3icBOBZgEhzyZQ3bDhNKfJskzIv4XjIrWjLdygt9Sf0yvXzMrgZqwmrLo6aL5NmkCWWCyiw9BKfBfTXjRfXlG515...
imageproxy.eu.criteo.net/v1/ Frame 9B02 6 KB
6 KB 15ms
13ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/005LXBl9lDHB2CwEM3UocX1OtvAj2M9glL0J04PiJT6xSQyh2bXevpws80VUhPEbKP8fighA0XR868d79iRNnqqgxwOq7kTT8e4GuvYVjZo9L3icBOBZgEhzyZQ3bDhNKfJskzIv4XjIrWjLdygt9Sf0yvXzMrgZqwmrLo6aL5NmkCWWCyiw9BKfBfTXjRfXlG515ktOSwkGK6F0wEtjbrp

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9ed01bda83942dbcf71892931384bfdb21e206409b58f4f7069422d489934240

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6373
expires: Tue, 25 Feb 2025 03:58:17 GMT

GET
H2 200 00064QacTuSTRWb9t5kU6J0qZrPChJaQPTmBhOeD27HuZ5OBaAmHoyCc7OyfYF4DNShHNh6K8NgsKHgwtcpWcxvSHiUS87IGMyQXAaPVjfYP3Zlt4EykZAx247iXPzrCJwr16Q3llxwN51fNwvTq75Yd95OK1ey8ZPCBE5MLEzxkFa1vNAXvzYzlKzz1KxWUAW3pg...
imageproxy.eu.criteo.net/v1/ Frame 9B02 158 KB
158 KB 21ms
18ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/00064QacTuSTRWb9t5kU6J0qZrPChJaQPTmBhOeD27HuZ5OBaAmHoyCc7OyfYF4DNShHNh6K8NgsKHgwtcpWcxvSHiUS87IGMyQXAaPVjfYP3Zlt4EykZAx247iXPzrCJwr16Q3llxwN51fNwvTq75Yd95OK1ey8ZPCBE5MLEzxkFa1vNAXvzYzlKzz1KxWUAW3pgm9S8Wh8uILFEC8ZfH7PcnIz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

fb11fc1ffc08a7b94a71eae3b803957bc417fff43617e779e31b2f6c78a5bb9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 161454
expires: Sat, 01 Mar 2025 16:31:36 GMT

GET
H2 200 000MX60ZNGZ5x1a73yJWNh7rIint7yNpFXoPd35yV2vHf4ApjwHxbpssyyhCl2Wj7hCZQFsvSh0yzgMfWeELrmNJfvRtAn4I7FX5VBMVYO714yJnRz2lqqxtfTtWoYaV1c63p7eylKJNkNEuOA1cnH5yz1TwGJpwDRaFVRY49WhGrm
imageproxy.eu.criteo.net/v1/ Frame 9B02 19 KB
19 KB 16ms
14ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000MX60ZNGZ5x1a73yJWNh7rIint7yNpFXoPd35yV2vHf4ApjwHxbpssyyhCl2Wj7hCZQFsvSh0yzgMfWeELrmNJfvRtAn4I7FX5VBMVYO714yJnRz2lqqxtfTtWoYaV1c63p7eylKJNkNEuOA1cnH5yz1TwGJpwDRaFVRY49WhGrm?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1f023d064e7689cec65e741916158e4e012be6ed3c04a0fd9c5e0cfb867d700f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=259200
timing-allow-origin: *
content-length: 18956
expires: Sat, 09 Mar 2024 03:20:26 GMT

GET
H2 200 001AAkLSodgLmWlBQaUCPxlsEkLdfeEH9hNnSuajme2zI8ksqv70DZTLRUS23w9z58aPt1tgNelMTkMosgAgEtU1VxEuXgksj6nlVi8NvSBB6qJFynEv3uaeG0bK78hviqeGVzAV81FiRRk2iYRSUg7lA4aLJlpXF7gyztW
imageproxy.eu.criteo.net/v1/ Frame 9B02 15 KB
16 KB 17ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/001AAkLSodgLmWlBQaUCPxlsEkLdfeEH9hNnSuajme2zI8ksqv70DZTLRUS23w9z58aPt1tgNelMTkMosgAgEtU1VxEuXgksj6nlVi8NvSBB6qJFynEv3uaeG0bK78hviqeGVzAV81FiRRk2iYRSUg7lA4aLJlpXF7gyztW?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c2945263a023c2b281de3ec6d41b340887ac118a1596bc4e92cce03c7165be76

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=259200
timing-allow-origin: *
content-length: 15826
expires: Sat, 09 Mar 2024 13:08:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9B02 0
127 B 17ms
15ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=HgooG80P3BhjqOlvg0OanjEvYFTQdbpH5_BlNENrltk5NfiLeDB9-WB2sLF93TUP-LIj3gj4OkKNM-AF9RMt5a6rw6ENW_dQNJNQibc3t2JH-M7fURCq0qoy8kb3vbgdStL3V4SaD_dyw0rFNFbxaA9ahgaxUC3K4WD7h14qGzSv8Qp3qBJoK-7P1AT7X-gsp_SdOViwf05LOYOFTdaGXX119ZZbFJ3Vv3__QQO7dlV7iu_vgzgm7q6gxwe5G55uhuYgcw&sds=2&rev=91031&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Mar 2024 10:26:41 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 9B02 2 KB
1 KB 19ms
17ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 9B02 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7DCC 0
0 37ms
37ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240306&jk=2418207218918721&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

GET
H2 200 lato-400.css
static.criteo.net/design/googlefont/lato/ Frame 9B02 682 B
665 B 13ms
13ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lato-700.css
static.criteo.net/design/googlefont/lato/ Frame 9B02 682 B
665 B 14ms
14ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
content-encoding: gzip
last-modified: Thu, 08 Dec 2022 14:04:38 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef6-2aa"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lato-400-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 9B02 23 KB
23 KB 14ms
14ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5c1c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H2 200 lato-700-latin.woff2
static.criteo.net/design/googlefont/lato/ Frame 9B02 23 KB
23 KB 18ms
17ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/lato/lato-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/lato/lato-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/lato/lato-700.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:04:37 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391eef5-5a00"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 02 Mar 2025 10:26:42 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 3C80 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?nzEF9Q
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

date: Thu, 07 Mar 2024 10:26:42 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 74B3 42 B
64 B 40ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZevEr4g1fEFCZxZEx0napeHr1OeOhlAthV_mFXotwS6MteyWyNBl-MqVwpgoyjpbNtui9yM83HoPyM1kbAhHTxpxQ6GrDakCsCCZgPbGiyB6t3be-tIu5rOAgIEAFMJUidwc5qwN3kizC&sig=Cg0ArKJSzF3Twa3DwfZdEAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4070374814&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=574000200&rst=1709807201813&rpt=258&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 10:26:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 39ms
39ms Image
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240306&jk=2418207218918721&bg=!1dal1pnNAAZsmiNCTJo7ADQBe5WfOFz47Wfrpr45JE4-WykYjyErAWUyha880I7FeMVnzaBYxW5l3Jg3gVDaltWeI0pXAgAAAEZSAAAAAmgBBwoAE-ZxelQ0kqgnW9xm2vxOYCK9e3KZAtqUCN0HOYPj151B1SrTLhL2lRkCQ8wfD1u8GFS4jxi7EsmAlQ9K48DrrXPgdzMIVX76w4oER0G6IBce94A7ixUEAacFcasD24EsbgZai7_4twvXa0SJi8P69KunnNuYsCD6xZzgRXmUXUDEay9lrLG1BGDJJ54S6v2i8bJlWOkVuxPJrBgmlUGeVeRYcFYLbk22ChzxCX-UV_Mca0aWay6P7lY1SHEKF2tRW9b0qdlscIzMPcNm3-mOO9XO37XxqxfMUgjv_0Osqt5N0NhV9hwdt9VhgEhmH9FVvPOg8Lit9a--7fqUd8LaCktHu1zzGgTfxvMEVQsEulVjEvEfpVQ-MOW0xEYO0IXiomg7MAQkXAKoSIF63PO3XK5wgZP7V_ipgCDcjhHLumedlKf5gBPOOtLlcOMoqrbC7xz3rqKptRqmS2Uk9Z2UsF8Lmop8YoX0Y4567CnJe_XReaUU48t4sngR5un662SRnhLK5YZLRs8nvsBOfw0dk1qPAGMn74sP2ZJIqk-jKTQcW46IVVSRYDf531EsEZgQ2V3ElxBTtkCjkhbx5ltNR2PIgxeyNtTaunppfwLipCIr7PzYwBfL0d8qpS9Zw0j0ECGzBP96DZxJkQrbrmcVd_7q2xvl2vsNCsNO5pXDefJZoSpimz3FIGhmu6eXfuxsYZCKBTWalKozxdXTsv0pd6LiweC0LKkc0RZgVgWkm_DN3c2JBrd-pN3Tq-YXe1aGIOndxHyaufDTaOzjFzfuEpTrEF6H6VLki6DzJaDqnSLBvkenoVnUN7khb3Y84-xLlBlbTc64NBoVfhyZvJhjEmSO8KYLX5_EOihR4oANfeGHoUhKaArgBaljyHVIyjPAvHdHgpQcz1Z-R3EXgJiKvgRinTr090QuxSPKt-7gJffsm1nr1D2uGlnociSFSts_QscPwN-zP3Ig0-iuzxyvlZdCnfQxFEXvOau8QaT3tcIm
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://navyadministration.tpub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame B6B6 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Mar 2024 10:26:42 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame E6FE 42 B
64 B 39ms
39ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstdbW2118GNGpjaIJlxh7V3FmFZ9luGeqjKHLAGS-kPhDvFqaZ7x2c6K3edB37Ve7Ck8cvQOgxvYsMXOpM-wX4IDX4VtYSEG_ln1NTg8QCAMItnsNqb3zzKd3FelVP9eSnnPnXWxgOafXUl&sig=Cg0ArKJSzMSfkPYxJUsQEAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,766,1000,1116,1258&tos=83,683,234,116,142&v=20240306&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=574000200&rst=1709807202347&rpt=88&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 07 Mar 2024 10:26:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 9B02 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.111 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 07 Mar 2024 10:26:43 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.tpub.com
URL: http://www.tpub.com/mobile.css

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

45 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tpub.com/	1970-01-21 04:32:47	Name: __utma Value: 239192774.1786054042.1709807202.1709807202.1709807202.1
.tpub.com/	1969-12-31 23:59:59	Name: __utmc Value: 239192774
.tpub.com/	1970-01-20 23:19:35	Name: __utmz Value: 239192774.1709807202.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.tpub.com/	1970-01-20 18:56:47	Name: __utmt Value: 1
.tpub.com/	1970-01-20 18:56:49	Name: __utmb Value: 239192774.1.10.1709807202
.tpub.com/	1970-01-20 23:15:59	Name: __eoi Value: ID=5d427473fa4e18da:T=1709807201:RT=1709807201:S=AA-AfjYQW9PPfpjJ-AUlWxhzVFgE
.criteo.com/	1970-01-21 04:18:23	Name: receive-cookie-deprecation Value: 1

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://navyadministration.tpub.com/ Message: Mixed Content: The page at 'https://navyadministration.tpub.com/' was loaded over HTTPS, but requested an insecure element 'http://www.google.com/logos/Logo_25wht.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	warning	URL: https://navyadministration.tpub.com/ Message: Mixed Content: The page at 'https://navyadministration.tpub.com/' was loaded over HTTPS, but requested an insecure element 'http://www.tpub.com/75logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://navyadministration.tpub.com/(Line 1) Message: Mixed Content: The page at 'https://navyadministration.tpub.com/' was loaded over HTTPS, but requested an insecure stylesheet 'http://www.tpub.com/mobile.css'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://navyadministration.tpub.com/(Line 210) Message: Mixed Content: The page at 'https://navyadministration.tpub.com/' was loaded over a secure connection, but contains a form that targets an insecure endpoint 'http://www.google.com/custom'. This endpoint should be made available over a secure connection.
security	warning	URL: https://navyadministration.tpub.com/(Line 272) Message: Mixed Content: The page at 'https://navyadministration.tpub.com/' was loaded over HTTPS, but requested an insecure element 'http://www.google.com/logos/Logo_25wht.gif'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
security	error	URL: https://navyadministration.tpub.com/ Message: Mixed Content: The page at 'https://navyadministration.tpub.com/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	error	URL: https://navyadministration.tpub.com/ Message: Mixed Content: The page at 'https://navyadministration.tpub.com/' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
security	warning	URL: https://navyadministration.tpub.com/ Message: Mixed Content: The page at 'https://navyadministration.tpub.com/' was loaded over HTTPS, but requested an insecure element 'http://www.tpub.com/75logo.png'. This request was automatically upgraded to HTTPS, For more information see https://blog.chromium.org/2019/10/no-more-mixed-messages-about-https.html
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8029680191306394&output=html&h=280&adk=4070374814&adf=1951942945&pi=t.aa~a.3082258534~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1709807201&rafmt=1&to=qs&pwprc=6135623729&format=1200x280&url=https%3A%2F%2Fnavyadministration.tpub.com%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709807201587&bpp=1&bdt=99&idt=220&shv=r20240306&mjsv=m202402290101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=964848357680&frm=20&pv=1&ga_vid=1844916422.1709807202&ga_sid=1709807202&ga_hid=1338788145&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=288&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C42531706%2C44798934%2C95322746%2C95325752%2C95323761%2C95321865%2C95324160%2C95325785%2C95326431%2C95326936&oid=2&pvsid=2418207218918721&tmod=515364894&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=222 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fonts.googleapis.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
navyadministration.tpub.com
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google.com
www.gstatic.com
www.tpub.com
pagead2.googlesyndication.com
www.tpub.com
178.250.1.6
2606:4700::6811:180e
2a00:1450:4001:80e::2002
2a00:1450:4001:810::2004
2a00:1450:4001:810::2008
2a00:1450:4001:812::2002
2a00:1450:4001:812::2003
2a00:1450:4001:829::200a
2a00:1450:4001:831::2001
2a00:1450:400c:c04::9c
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
47.206.86.53
0203fe0f1114b98d0913f69652f9bf0331292250a7017bdf0285639f5e544790
06ba1f01ef5e0a32dc3f24aa29356430fe95be6879f4fbc8a602c51c1718dfb5
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
125d29c641c2703341ae3d24cc9a25063a23f80c08407876f007a9c4e9a627b9
1f023d064e7689cec65e741916158e4e012be6ed3c04a0fd9c5e0cfb867d700f
2c8e184db8ab383f96ca519bd6b6926801b3a955765dfea989b0d28d5b7e3ce1
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32993a86c58685503a2a375f9ed0ec5813961836562a3b5656fd9eb149a27d4a
3b7e63f79a4466b336f5bfba0f9486b905b0a9ea5d434f07d1c560cbf73d5884
3bc4f52a6d3c3a14b9fd3cf9f2329e6a3ac5ca7a7e2327c9949c0abf5dbaf127
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
4488333adcd7deb7572caaa680e1a4d9df638ed0738f20b064408fd67fac9428
4c815909df9dc0afe5071b80daaace57c1e0b8cca29395a42fadb7e1e38ebe63
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
535487d55c5cbf22bf933588a42e38efdc60bcbd42591420ed217db20cf423c6
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
583689e16176622ae5aaab300eb58ac97a2f55df2a45f299de3715b4971165e1
5a1433553dad10b1617e945447ce8d2a7a4ce6542ad50fdb8b563f85560cbc3e
5a8a10fc4e3810b67ab5d55dd51de0d4f6d5d9fe9250cdca17037b6aa310de80
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62221513bd6ecf4c132a98886c22917a6870b0f419982c25ea619340f48c2bbc
6afee967915e87f217a98c38c9d5ed411a339eac603c3f25364fea36cff27b9a
6b2ae81abbb44934d64f6d7237ebde5af048c1af905177c5424973e937a4633d
6f020e05b2c91895887f196c6278224dbb4ca575175070e41d2e30aa38bd8395
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
851f979057e063a62adb3cc28198e8ff23f08e5dddc49851ff1bf35922efb7a4
87dc05646a87ec6de8fd11282a672082c5ee940c9d0b49a73a1b409fea6f2a01
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
907f0ae9397d82a7dc9eca8dfe6c5b9f0bfea55cd1af9aa9713ca667cfdb8ec4
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
99d9c85bdaf58542d0989fbab9356b955819f98452a0482931121f2fb72d28cf
9ed01bda83942dbcf71892931384bfdb21e206409b58f4f7069422d489934240
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
c2945263a023c2b281de3ec6d41b340887ac118a1596bc4e92cce03c7165be76
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
cbb1856f508f4b3a6b0e0b7ab4db422388512751ad3e740a206655f1ec61c70f
d7380722fecf4601be898b31e0ca788104b2b737e023671dd2187c5b1757d9bb
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e797dd304119008e37d60afe6108fbc5db7fa7c2249b553b407f09997681c15f
eb0b16ae9ff799399d76502e6377e1b36f92278d7ff31497309ecf22ade9af37
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7c783200e24f0e5af3aa837d20bac64ee63841933aadc74f594fcb79ca360d2
fb11fc1ffc08a7b94a71eae3b803957bc417fff43617e779e31b2f6c78a5bb9f
fe804efafab06c80d1e96082d3c36d84570b5ca193ae53251b28ea94e42ac0ba

navyadministration.tpub.com Open in urlscan Pro 47.206.86.53 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

91 Requests

96 %HTTPS

88 %IPv6

10 Domains

17 Subdomains

17 IPs

4 Countries

1317 kBTransfer

2915 kBSize

7 Cookies

32 Outgoing links

Page URL History

Redirected requests

91 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

navyadministration.tpub.com Open in urlscan Pro
47.206.86.53 Public Scan

Screenshot
Live screenshot

Full Image

91
Requests

96 %
HTTPS

88 %
IPv6

10
Domains

17
Subdomains

17
IPs

4
Countries

1317 kB
Transfer

2915 kB
Size

7
Cookies

91 HTTP transactions
2 data transactions