urlscan.io logo urlscan.io
SecurityTrails logo

safec.site Open in urlscan Pro
35.213.146.96  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://safec.site/eid/?n=Fuaadi-Ibrahim
Effective URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Submission: On April 30 via manual from ID — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 21 IPs in 4 countries across 13 domains to perform 78 HTTP transactions. The main IP is 35.213.146.96, located in Singapore, Singapore and belongs to GOOGLE, US. The main domain is safec.site.
TLS certificate: Issued by R3 on April 9th 2022. Valid for: 3 months.
This is the only time safec.site was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

19    35.213.146.96 (Singapore, Singapore)

ASN15169 (GOOGLE, US)
PTR: 96.146.213.35.bc.googleusercontent.com
safec.site
1    2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
7    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
1    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
3    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
7    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
2    2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl.eu.criteo.com
2    2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.fr.eu.criteo.com
14    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    2600:9000:224a:600:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)
secure-gl.imrworldwide.com
2    178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl.eu.criteo.com
4    178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com
pix.eu.criteo.net
3    178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
Apex Domain
Subdomains		 Transfer
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 634
pix.eu.criteo.net — Cisco Umbrella Rank: 8363
csm.eu.criteo.net — Cisco Umbrella Rank: 8397
42 KB
19 safec.site
safec.site
712 KB
14 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 90
tpc.googlesyndication.com — Cisco Umbrella Rank: 122
216 KB
6 criteo.com
rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11867
ads.eu.criteo.com — Cisco Umbrella Rank: 8360
rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 15009
cat.nl.eu.criteo.com — Cisco Umbrella Rank: 10468
91 KB
6 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 38
24 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 33
20 KB
2 imrworldwide.com
secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1339
1 KB
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 158
74 KB
2 google.com
adservice.google.com — Cisco Umbrella Rank: 63
www.google.com — Cisco Umbrella Rank: 5
2 KB
1 google.de
adservice.google.de — Cisco Umbrella Rank: 8752
792 B
1 googleadservices.com
partner.googleadservices.com — Cisco Umbrella Rank: 744
645 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 55
38 KB
1 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 278
30 KB
78 13
Domain Requested by
19 safec.site 1 redirects safec.site
14 static.criteo.net ads.eu.criteo.com
7 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
7 pagead2.googlesyndication.com safec.site
pagead2.googlesyndication.com
tpc.googlesyndication.com
www.googletagservices.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
4 pix.eu.criteo.net ads.eu.criteo.com
3 csm.eu.criteo.net ads.eu.criteo.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
2 cat.nl.eu.criteo.com ads.eu.criteo.com
2 secure-gl.imrworldwide.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
2 www.googletagservices.com googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 rtb.fr.eu.criteo.com googleads.g.doubleclick.net
1 rtb.nl.eu.criteo.com googleads.g.doubleclick.net
1 adservice.google.com pagead2.googlesyndication.com
1 adservice.google.de pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 www.googletagmanager.com safec.site
1 ajax.googleapis.com safec.site
78 20

This site contains no links.

Subject Issuer Validity Valid
*.safec.site
R3		 2022-04-09 -
2022-07-08		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh
*.nl.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-15 -
2022-06-13		 3 months crt.sh
*.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-19 -
2022-06-18		 3 months crt.sh
*.fr.eu.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-13 -
2022-06-09		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-11 -
2022-07-13		 3 months crt.sh
*.imrworldwide.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-04 -
2023-02-03		 a year crt.sh
*.eu.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-04-10 -
2022-07-04		 3 months crt.sh
www.google.com
GTS CA 1C3		 2022-04-11 -
2022-07-04		 3 months crt.sh

This page contains 9 frames:

Primary Page: https://safec.site/eid/?n=Fuaadi-Ibrahim
Frame ID: DFC7A5B842AFCFEADB0887B094E9A610
Requests: 31 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Frame ID: CD25DAAFE1F9D9290AE4C8502AA0ACA7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&adk=1812271804&adf=3025194257&lmt=1651313998&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998397&bpp=2&bdt=346&idt=226&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1246819109110&frm=20&pv=2&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Frame ID: 8D7DA18D7FA326AD1901B4BADCC979A9
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
Frame ID: 7171D188F14407A2448028C5D783CB8C
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
Frame ID: ECF299E14F4ADFC2CE284910B69F42DE
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Frame ID: C326DB15627B4C2DA0EC329F615EBE22
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Frame ID: 318C8BC790B8F497C58263211DD7917F
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 25D8826731099E4378E2784C9B850B2F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 0239CF3D500244920AA267A8515445B3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. http://safec.site/eid/?n=Fuaadi-Ibrahim HTTP 301
    https://safec.site/eid/?n=Fuaadi-Ibrahim Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link [^>]+(?:/([\d.]+)/)?animate\.(?:min\.)?css
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

78
Requests

100 %
HTTPS

75 %
IPv6

13
Domains

20
Subdomains

21
IPs

4
Countries

1252 kB
Transfer

2286 kB
Size

5
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://safec.site/eid/?n=Fuaadi-Ibrahim HTTP 301
    https://safec.site/eid/?n=Fuaadi-Ibrahim Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

78 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
safec.site/eid/
Redirect Chain
  • http://safec.site/eid/?n=Fuaadi-Ibrahim
  • https://safec.site/eid/?n=Fuaadi-Ibrahim
37 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
beeb4bec54998475493585ee7ba5c5003c6caeef6abfaac069ba9d691b16e584

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
br
content-type
text/html; charset=UTF-8
date
Sat, 30 Apr 2022 10:19:57 GMT
host-header
8441280b0c35cbc1147f8ba998a563a7
server
nginx
vary
Accept-Encoding
x-httpd-modphp
1
x-proxy-cache
HIT

Redirect headers

Connection
keep-alive
Content-Length
162
Content-Type
text/html
Date
Sat, 30 Apr 2022 10:19:56 GMT
Host-Header
8441280b0c35cbc1147f8ba998a563a7
Location
https://safec.site/eid/?n=Fuaadi-Ibrahim
Server
nginx
X-HTTPS-Enforce
1
X-Proxy-Cache-Info
DT:1
animate.min.css
safec.site/eid/ 		51 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://safec.site/eid/animate.min.css
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b551e4c75f008ea6c51ed1d0c603f0d39d80513e39a57407a122d1f6bcfeae58

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 08:38:52 GMT
server
nginx
etag
W/"620f5b1c-cd81"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
text/css
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 30 Apr 2023 10:19:58 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.3.1/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 16:33:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63984
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30399
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 29 Apr 2023 16:33:34 GMT
slider.js
safec.site/eid/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://safec.site/eid/slider.js
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
6eb960470389c0719fdcd71007165a473a428acfcc2baef804db90ccc2d2deff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
content-encoding
br
last-modified
Fri, 18 Feb 2022 08:40:50 GMT
server
nginx
etag
W/"620f5b92-e14"
vary
Accept-Encoding
x-proxy-cache-info
DT:1
content-type
application/javascript
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
expires
Sun, 30 Apr 2023 10:19:58 GMT
kaaba.png
safec.site/eid/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/kaaba.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
05444c2d420c9b5cb3cc72a24ef738f5e8275b748520c4b31e9e08dd29e71088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Thu, 16 Apr 2020 08:11:24 GMT
server
nginx
etag
"5e98132c-5aa8"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
23208
expires
Sun, 30 Apr 2023 10:19:58 GMT
pr2.jpg
safec.site/eid/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/pr2.jpg
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0665a558389dcda25b4fdd484b46b5fd333a7a795d1ae50d248df9e120e8d3fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 29 Apr 2022 13:55:19 GMT
server
nginx
etag
"626bee47-10f50"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
69456
expires
Sun, 30 Apr 2023 10:19:58 GMT
pr1.jpg
safec.site/eid/ 		95 KB
95 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/pr1.jpg
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
95f4f9784ae9b3f95c3d8d16d6b1d597927fc983ada31da70e18bd0bb4d6d47c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 29 Apr 2022 13:55:15 GMT
server
nginx
etag
"626bee43-17a30"
x-proxy-cache-info
DT:1
content-type
image/jpeg
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
96816
expires
Sun, 30 Apr 2023 10:19:58 GMT
rmd6.png
safec.site/eid/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/rmd6.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
de54735d5dd7bf93373c0eb76088f654f590442928f024437b0d86698a91853a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Thu, 16 Apr 2020 01:47:56 GMT
server
nginx
etag
"5e97b94c-173b"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
5947
expires
Sun, 30 Apr 2023 10:19:58 GMT
rmd7.png
safec.site/eid/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/rmd7.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
fa391de02a2f3377317be109e61b75b6f9a9328a7fdbd401aab1b9c2925b15f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Thu, 16 Apr 2020 01:47:56 GMT
server
nginx
etag
"5e97b94c-12a0"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
4768
expires
Sun, 30 Apr 2023 10:19:58 GMT
rmd5.png
safec.site/eid/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/rmd5.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
67669f07114d3220af05615fbb53e308dd9cfcd6cf1e1317b670a6fb66937b30

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Thu, 16 Apr 2020 01:47:58 GMT
server
nginx
etag
"5e97b94e-1034"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
4148
expires
Sun, 30 Apr 2023 10:19:58 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		161 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2893093166034172
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a5b85959307a49ff97c40546e4387286bf6e600dd8695aa662fd339e7dc1d1b3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safec.site/
Origin
https://safec.site
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56116
x-xss-protection
0
server
cafe
etag
10678509659980116644
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 10:19:58 GMT
cooltext409531941208142.png
safec.site/eid/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/cooltext409531941208142.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
5419c263072ba3652d01afb2ac096ea0bed32bffd5b719ba06f83a6e7d62917c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Tue, 26 Apr 2022 11:50:58 GMT
server
nginx
etag
"6267dca2-e60c"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
58892
expires
Sun, 30 Apr 2023 10:19:58 GMT
20220429_081453.png
safec.site/eid/ 		295 KB
295 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/20220429_081453.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
c50e7898cc1a44b195c2a9f1c52140500e3c5358cc505e7433f9e1fcf222e406

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 29 Apr 2022 03:23:02 GMT
server
nginx
etag
"626b5a16-49bcb"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
302027
expires
Sun, 30 Apr 2023 10:19:58 GMT
ramzan1.png
safec.site/eid/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/ramzan1.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
b91ccfe0a57105f436967805126c5f403f2a5478a5270c6e96a9bc1238399576

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 17 Apr 2020 07:30:00 GMT
server
nginx
etag
"5e995af8-7c19"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
31769
expires
Sun, 30 Apr 2023 10:19:58 GMT
ramzan2.png
safec.site/eid/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/ramzan2.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0a3e4cb176e9a090bb680a72852b1c70c9dcf3173f6740a0edbe9c125357631c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 17 Apr 2020 07:29:58 GMT
server
nginx
etag
"5e995af6-7d1b"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
32027
expires
Sun, 30 Apr 2023 10:19:58 GMT
ramzan3.png
safec.site/eid/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/ramzan3.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
dccd009346d7514e18b6b92e46b77bceedad59d0d6f7c6e8e353011054bf13c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 17 Apr 2020 07:29:58 GMT
server
nginx
etag
"5e995af6-4497"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
17559
expires
Sun, 30 Apr 2023 10:19:58 GMT
ramzan4.png
safec.site/eid/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/ramzan4.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
43cf53fa4ebdfbe29282fda16f5e4a2b3f61317021919965fe0914a403f85da6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 17 Apr 2020 07:29:56 GMT
server
nginx
etag
"5e995af4-61cc"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
25036
expires
Sun, 30 Apr 2023 10:19:58 GMT
ramzan5.png
safec.site/eid/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/ramzan5.png
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
70b23f90f010e4e005b63b030e9a64475e61c8154c8d8dc3a9ee097531f9426d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 17 Apr 2020 07:29:56 GMT
server
nginx
etag
"5e995af4-5704"
x-proxy-cache-info
DT:1
content-type
image/png
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
22276
expires
Sun, 30 Apr 2023 10:19:58 GMT
js
www.googletagmanager.com/gtag/ 		98 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-227236341-1
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2fd04ac082ecee400a29137d896b5b84f34abbc116eb2f428dfca6d35ad5848
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38804
x-xss-protection
0
last-modified
Sat, 30 Apr 2022 09:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 30 Apr 2022 10:19:58 GMT
Alla.mp3
safec.site/eid/ 		64 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
https://safec.site/eid/Alla.mp3
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash

Request headers

Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Range
bytes=0-

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Fri, 29 Apr 2022 05:52:03 GMT
server
nginx
etag
"626b7d03-2e37d"
x-proxy-cache-info
DT:1
content-type
audio/mpeg
Content-Range
bytes 0-189308/189309
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
Content-Length
189309
expires
Sun, 30 Apr 2023 10:19:58 GMT
sname.gif
safec.site/eid/img/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://safec.site/eid/img/sname.gif
Requested by
Host: safec.site
URL: https://safec.site/eid/?n=Fuaadi-Ibrahim
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.213.146.96 Singapore, Singapore, ASN15169 (GOOGLE, US),
Reverse DNS
96.146.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
0021cc31ef85472442faea06bf18b65ffa357924a49287f15a124d7883d0b8f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/eid/?n=Fuaadi-Ibrahim
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Sat, 23 Apr 2022 07:53:55 GMT
server
nginx
etag
"6263b093-5030"
x-proxy-cache-info
DT:1
content-type
image/gif
cache-control
max-age=31536000
host-header
8441280b0c35cbc1147f8ba998a563a7
accept-ranges
bytes
content-length
20528
expires
Sun, 30 Apr 2023 10:19:58 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/ 		308 KB
110 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2893093166034172
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2f6fb3f7d3365581264c0092b59c516e5ba9e685a459be0e3833923ef845986b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112581
x-xss-protection
0
server
cafe
etag
17592425810576487223
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 30 Apr 2022 10:19:58 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/ Frame CD25 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20220427/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2893093166034172
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safec.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
40865
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=1209600
content-encoding
gzip
content-length
4404
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 29 Apr 2022 22:58:53 GMT
etag
3347421328414474149
expires
Fri, 13 May 2022 22:58:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-227236341-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
167
date
Sat, 30 Apr 2022 10:17:11 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Sat, 30 Apr 2022 12:17:11 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1165654206&t=pageview&_s=1&dl=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=2122658595&gjid=2006572440&cid=970377563.1651313999&tid=UA-227236341-1&_gid=597500094.1651313999&_r=1&gtm=2ou4r0&z=1542555857
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://safec.site/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 10:19:58 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://safec.site
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		214 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=safec.site&callback=_gfp_s_&client=ca-pub-2893093166034172
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s52-in-f2.1e100.net
Software
cafe /
Resource Hash
a1b63680c90d13541a0e07720038d0ba13ef354e795c800c6a149270fee9184d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=safec.site
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 10:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=safec.site
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 10:19:58 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8D7D 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&adk=1812271804&adf=3025194257&lmt=1651313998&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998397&bpp=2&bdt=346&idt=226&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1246819109110&frm=20&pv=2&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=242
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safec.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 10:19:58 GMT
expires
Sat, 30 Apr 2022 10:19:58 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 7171 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45c75f4cdba005de22022f42e2988910aff1dcc8102279c9f9e225871be48ced
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safec.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9753
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 10:19:59 GMT
expires
Sat, 30 Apr 2022 10:19:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame ECF2 		23 KB
10 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b9b9757992f409e3497deaff8812986a8592621bdeedb1f65f92cc6659fcefdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safec.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private
content-encoding
br
content-length
9762
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 10:19:59 GMT
expires
Sat, 30 Apr 2022 10:19:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame ECF2 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 10:17:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame ECF2 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Apr 2022 10:19:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame ECF2 		15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 10:17:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame ECF2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CMvGeTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE5gFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t-ATUn2k-AaSMNkaQnoCjwTg2MW1BN3VS0SrQTS51eEIE4qAUyoCoAG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAGACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMjg5MzA5MzE2NjAzNDE3MhgA&sigh=nQKmpVutTww&uach_m=[UACH]&cid=CAQSGwCNIrLMauOJ-N_yOBrzRNB95Di6DdY97zx0iRgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 30 Apr 2022 10:19:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 30 Apr 2022 10:19:59 GMT
notify
rtb.nl.eu.criteo.com/google/auction/ Frame ECF2 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8ELXHMKwClgGdg2ICAgAAAAXSbcyzx6WPEE4NbWJ1s-LvLhXTdBTaPAASAAA&wp=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
server
Kestrel
server-processing-duration-in-ticks
198025
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame C326 		150 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=150&slotname=5836092487&adk=3862490674&adf=3279707966&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x150&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998400&bpp=1&bdt=349&idt=253&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C300x50&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=1190&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=M%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=3&uci=a!3&fsb=1&xpc=YDpV3NnzmN&p=https%3A//safec.site&dtd=256
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
0e113d7e6bb20f7a8e53dde0ad43e0a60b94069294978feadacd8a12c54ac5ad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 10:19:58 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=W-sYwn6nYoUu7fWCWeLU_diFR1jPFFur0oY2OigMKbQV7DfD0guf4fIqzNT7UkKMVwKgE9pyCALnEXvaGMW8hDEWyCuofihg7EpL0r0vTeWsf2LxewN-Wkxy9aKzJJa1hnghVl45HvJ3JZRGuiAqm9nnLvo1VGNugRS9VF2bVI065T7xjHSa-2ku81nXvjTg7pBCjGHF44us70iNGO6QJ7HgST2R4gRaos7MxWK-d8sCa1LI24yUaVxpWXExhymbqmbm3Q"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
105297396
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 7171 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:17:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1359
x-xss-protection
0
server
cafe
etag
1484984001845508991
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 10:17:26 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7171 		120 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37288
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1651059573277210"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Apr 2022 10:19:59 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/ Frame 7171 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220427/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:17:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
152
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6415
x-xss-protection
0
server
cafe
etag
567849196274905959
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sat, 14 May 2022 10:17:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 7171 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CSus4Tg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTfAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpLP5N5DqJT0MVtyu1brauFhYwkvUxDg7h3_X8mgQiBuKGM9TesCGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTI4OTMwOTMxNjYwMzQxNzIYAA&sigh=biU_mgW7suI&uach_m=[UACH]&cid=CAQSGwCNIrLMIn_npJdmxnQ542Jc4IBOfp9TOQOuKhgB
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Sat, 30 Apr 2022 10:19:59 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Sat, 30 Apr 2022 10:19:59 GMT
notify
rtb.fr.eu.criteo.com/google/auction/ Frame 7171 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EJTIMKwCMp2DYgICAAAABdJtzLPHpY8QTg1tYnTDGURUrHrW0lwPABIAAA&wp=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
server
Kestrel
server-processing-duration-in-ticks
298781
content-length
0
strict-transport-security
max-age=31536000; preload;
afr.php
ads.eu.criteo.com/delivery/r/ Frame 318C 		116 KB
42 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2893093166034172&output=html&h=50&slotname=5836092487&adk=2345072409&adf=3501923860&pi=t.ma~as.5836092487&w=300&lmt=1651313998&psa=0&format=300x50&url=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim%23&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1651313998399&bpp=1&bdt=348&idt=246&shv=r20220427&mjsv=m202204260101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1246819109110&frm=20&pv=1&ga_vid=970377563.1651313999&ga_sid=1651313999&ga_hid=1165654206&ga_fc=1&u_tz=0&u_his=12&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=650&ady=15&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44761044%2C31066184&oid=2&pvsid=2694166182461943&pem=460&tmod=670962655&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CeE%7C&abl=NS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=takC68VTv5&p=https%3A//safec.site&dtd=251
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
6df314bba3c954d89b4f6cd2778703ec067f78b5f12a18bb950594d21a2c5fd3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 10:19:59 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=mxt2h36nYoUu7fWCrLexGTfgpshidrJ6_AUzl5fNQln48zr7DXFxHb7dVkLv0uZfPbovdatMhszABPUlnedqttAf6CSlpbr8SijqSSL5yneOyP1guttgt1Clwxuf9Lbf0i38YCEjeyR6v2_J8oVIdC0y-0MT2jKujQifBGFoL1T1s5tJSwhqq04N2vBpRjhVnrc9Aox5LWcRf5k5b0JBJGSc5Ks1PdRzLr9zOoo2257hjVU64tkSUFD0nl3tGQy0w3JfTg"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
81446294
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame ECF2 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cb110f5fc588824092276c56bb54d7f2b95005cf38768a236db670ca2a533442

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame 318C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 318C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 318C 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 25 Apr 2023 10:19:59 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame 318C 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Tue, 25 Apr 2023 10:19:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame 318C 		0
690 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1651313998
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 10:19:59 GMT
via
1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
oEMDwzhkNs9-bheNCBKfC-E_MpFg2vghY-MDjXSyweHtrRQFOShv-Q==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame 318C 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=TnJlI3tobuNrqmsDFc5NOgnd7yGO1qlbprfgXM8GO-2D2GmVDMV6P-svF2Ps6jxXmdQ7sjZ1LtpHiEB5t9k3EOOhDzdujuJTQ5NQnR7aKTj1HfrBT0DadUk3bsh1R6ehPYegTHlY5o6NkqGjG08hgJQD2C-RzuUU46Bio_zwt7QiuFpCvzR7fmdsSWLC4TpdqHo8CAtRohtjhYBnM0aQKd9NlwwAxjG-uLtdHymRadDRz61YGk7WGCpbmzNxbjD4tfLpwwWsiAUk70kd-cSdBhgOXV22zKp-XnkWj-feHfi2iZ_sAW6yf5jyUCmcOgPvc0rVVpxBFpEpP3aj5LXvB2uuRtzIEmLp2wZB_dRakiovpJ8vw4yGlm93hJwbwEx0BgkJYEXWK47O5Ld1jY7B4glD0iH1Y_VvJORbct2C80vng4pF_OhKGsckx80Mqq486tZWcw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 10:19:59 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
3093817
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 318C 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
truncated
/ Frame 7171 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7beafca311d80f096380ca0f406e0bb8c4c104538aa74ec456497fc942db954a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type
image/png
privacy_small.svg
static.criteo.net/flash/icon/ Frame C326 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C326 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C326 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Tue, 25 Apr 2023 10:19:59 GMT
back_button.svg
static.criteo.net/flash/icon/ Frame C326 		507 B
835 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
last-modified
Thu, 01 Apr 2021 14:03:13 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"6065d2a1-1fb"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
507
expires
Tue, 25 Apr 2023 10:19:59 GMT
m
secure-gl.imrworldwide.com/cgi-bin/ Frame C326 		0
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1651313998
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:600:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 10:19:59 GMT
via
1.1 b85afd3a476827aadec8c79e8673c564.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
DUS51-P1
access-control-allow-methods
POST, OPTIONS
p3p
P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin
*
cache-control
no-cache
cross-origin-resource-policy
cross-origin
x-cache
Miss from cloudfront
accept-ch
Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length
0
x-amz-cf-id
-Ft7P9xcbaeLSubx4lHVGybVEmTb0eGXnddy9ltbtdGc7QP0li8ZsA==
expires
Thu, 01 Dec 1994 16:00:00 GMT
lg.php
cat.nl.eu.criteo.com/delivery/ Frame C326 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=6zCM_jRAeCMtoklr5tCZuG5-1KNuFHfrgkMR1qLMhPn0pHwN3OkiLIYL_rvIsGhYcAhb5zoYnj-d09IL8Bf7ELhd4DQYXCXsienF932oDTOC-Ior6Q7uammEoV0Oz0_JXeYXsMHB_gDeFBZGEYrt6zOAHBBrmo2OdehKkk-nOvJuj6GhT5REWdGYoxG60_N_LNHeXmiPe88sA3fiIoDFIKVwNO3x6my0qJDn5oOyL6XvRPU4LdQFrtM7mLn5XXyUHzIcFXxnN8lA92ZTQ5uln9r8YvneZd72qUAeY5Ny8u_iheIRsnrjLAJk09ERG_f2P06lIUbd6MvFOD3G9_5PbwUtLM6bbFlJUmQXPFjY_n4hxiYDMr-vjtf2bQqPqIgTJD6sZPnKstlPs38Hv1pbz11RT0LRHq4IrY1n_mdmtTYw9aMXMJUnVf9G1H2kGfR7_Dj8dA
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 10:19:59 GMT
server
Kestrel
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
2875395
content-type
image/gif
expires
Mon, 26 Jul 1997 05:00:00 GMT
img
pix.eu.criteo.net/img/ Frame 318C 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=96&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=196&s=0zlaS6OYM7ZY6TJbGR6NYQTR
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=30565854
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
5106
expires
Wed, 19 Apr 2023 04:50:53 GMT
all
csm.eu.criteo.net/ Frame 318C 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=mxt2h36nYoUu7fWCrLexGTfgpshidrJ6_AUzl5fNQln48zr7DXFxHb7dVkLv0uZfPbovdatMhszABPUlnedqttAf6CSlpbr8SijqSSL5yneOyP1guttgt1Clwxuf9Lbf0i38YCEjeyR6v2_J8oVIdC0y-0MT2jKujQifBGFoL1T1s5tJSwhqq04N2vBpRjhVnrc9Aox5LWcRf5k5b0JBJGSc5Ks1PdRzLr9zOoo2257hjVU64tkSUFD0nl3tGQy0w3JfTg&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 30 Apr 2022 10:19:58 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 318C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 318C 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
animejs.js
static.criteo.net/animejs/ Frame C326 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
img
pix.eu.criteo.net/img/ Frame C326 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?h=296&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=sj8mdzHeJnnVxCfP2hqhvf0n
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/png
cache-control
public, max-age=31095552
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
6722
expires
Tue, 25 Apr 2023 07:59:12 GMT
img
pix.eu.criteo.net/img/ Frame C326 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F7%2FlogoLufthansa-Technik-Logistik-Services-GmbH-55189DE.gif%3Feb%3D1&v=3&w=400&s=YTDYr58k2pBMYG2uWDNy9rck&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
7be63a69b522d1e24c1dd321dc597fd5a552b0ba3bc5246ae6f926df7a20cb50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=2358233
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
2206
expires
Fri, 27 May 2022 17:23:52 GMT
img
pix.eu.criteo.net/img/ Frame C326 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F3%2FlogoStepStone-GmbH-148733DE.gif%3Feb%3D1&v=3&w=400&s=wSPXg05NAm7YwFBXI_4Y57ix&b=400
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
pix.am5.vip.prod.criteo.com
Software
Finatra /
Resource Hash
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:58 GMT
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Finatra
vary
Origin
content-type
image/webp
cache-control
public, max-age=1299834
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
1770
expires
Sun, 15 May 2022 11:23:52 GMT
all
csm.eu.criteo.net/ Frame C326 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=W-sYwn6nYoUu7fWCWeLU_diFR1jPFFur0oY2OigMKbQV7DfD0guf4fIqzNT7UkKMVwKgE9pyCALnEXvaGMW8hDEWyCuofihg7EpL0r0vTeWsf2LxewN-Wkxy9aKzJJa1hnghVl45HvJ3JZRGuiAqm9nnLvo1VGNugRS9VF2bVI065T7xjHSa-2ku81nXvjTg7pBCjGHF44us70iNGO6QJ7HgST2R4gRaos7MxWK-d8sCa1LI24yUaVxpWXExhymbqmbm3Q&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 30 Apr 2022 10:19:58 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C326 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C326 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMQeIK7EXFAASmSxwoJUXkA8XVl2trsw&u=%7CJk%2FZym3SgfAyvZNsUrMhFIV6KESV3PN39XQBtXLGqBg%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hCm4WbA5OYLPGsfJZSY94lLxGktCW5bpUJSR8yiWDdoKO8F7W5Df8WNTYky6oQJqSjl9b05oGX4k_bOWJ5CKzhX8vaQa7p91WfXZPjf2H8reVTmQi56VvIfzphTkElvkpAOMzolXFGi-5ZGVOy_eVHPhvrNMUdTXH57EKyyZaZu8iMgB3RJ6wluybjs8ikREez1bezPGfXm6mpcjtiy2iPiJWY9yDaKkHyd38tCFzoEstDzGDVwob-CKHW08Ir-IlU16DSzWXE_kIhlvkchRX-yE_2OfcopqkmWwvFnnIkRpZIP8K22Ku0_U5SJnmXKXyH0uwZtYcAB2qo0SOxGRx1sxNUr-8U3S9sPbotbKuszIDxBR0oL0TXt36YYzg2TEQvt5-AZtNWvo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCDk2wTg1tYuKDMcWLsQfLzJLQBcme0rFczfHi3YgBwI23ARABIABgleKQgqAHggEXY2EtcHViLTI4OTMwOTMxNjYwMzQxNzKgAdW20uoDyAEJqQJ0rdIaaLCxPqgDAaoE6QFP0GxIjoDRok3oNZ8epoJp4SD7Ob9Yhe7DGZ5J_x2rSF4po1_Xa35JNQyZQU7MJtSarfI8houH3m5I8GCJK6ri6COqHRP00Id2tLJFZcM3t2HF0OSqX6qNIhKf9ZB-rv03YZWb3DEeUOJN3bzIhhisF9fIg0mav-lF3AQFbqjtXd7Mn-H7KVf586RZQHyGoKWgM5PVBXUb7yt95fWwRx66eaMqzC5fDbAi3CIEspMGREq4LgO3Susi2P8k7cfV9t_CT2hkFG-GW3z4fao4N5rrinccYhlZTa-mZTl0FeiaDFavq8i7td2HV4AG1KCKy6SbqKNsoAYhqAeKmLECqAemvhuoB5bYG6gHqpuxAqgH35-xAtgHANIIBwiA4YAQEAH6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_300OtsOr3d1Yf2zRYPrQsj0eHzjQ%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
strict-transport-security
max-age=31536000; preload;
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 25 Apr 2023 10:19:59 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220427&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6e54193d0c776e8e24de718ffb542cda05e919f05027903053765b1aced504a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

timing-allow-origin
*
date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
10613
x-xss-protection
0
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1165654206&t=timing&_s=2&dl=https%3A%2F%2Fsafec.site%2Feid%2F%3Fn%3DFuaadi-Ibrahim&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=3020&pdt=2&dns=0&rrt=477&srt=242&tcp=730&dit=1830&clt=1830&_gst=1837&_gbt=1995&_cst=1773&_cbt=1829&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=970377563.1651313999&tid=UA-227236341-1&_gid=597500094.1651313999&gtm=2ou4r0&z=1438676542
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 29 Apr 2022 21:22:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
46626
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204260101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2893093166034172&plah=safec.site
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:19:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 30 Apr 2022 10:19:59 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 25D8 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://safec.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
65
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 10:18:54 GMT
expires
Sun, 30 Apr 2023 10:18:54 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 0239 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
5abf7043eb6be5e7e2e10ebe0352f413c425d771321f24b26ade67813903a822
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-JbNoOXLlrdU+zR3Colw/eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://safec.site/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-JbNoOXLlrdU+zR3Colw/eA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 30 Apr 2022 10:20:00 GMT
expires
Sat, 30 Apr 2022 10:20:00 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
pagead2.googlesyndication.com/bg/ Frame 25D8 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/e8WcSG94vkM93ke5SjF29cSEjmyq7vfry6EL03wtuS4.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Fri, 29 Apr 2022 17:31:07 GMT
content-encoding
br
x-content-type-options
nosniff
age
60533
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13654
x-xss-protection
0
last-modified
Mon, 25 Apr 2022 12:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 29 Apr 2023 17:31:07 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 0239 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220427&jk=2694166182461943&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 25D8 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?WxnF2g
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date
Sat, 30 Apr 2022 10:20:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
activeview
pagead2.googlesyndication.com/pcs/ Frame 7171 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssm-Yo54pyih2BVCaXoDseWMNUEVCnAWENNXp5iUn2KaFprTd1OruAJs6ZOslrNJNjnet6ZvDZkAu2ofw8naSzn&sig=Cg0ArKJSzPSsIRKEgEUREAE&id=lidar2&mcvt=1000&p=0,0,50,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220427&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2345072409&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1651313998651&rpt=704&met=ie&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 30 Apr 2022 10:20:00 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
csm.eu.criteo.net/ Frame 318C 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=mxt2h36nYoUu7fWCrLexGTfgpshidrJ6_AUzl5fNQln48zr7DXFxHb7dVkLv0uZfPbovdatMhszABPUlnedqttAf6CSlpbr8SijqSSL5yneOyP1guttgt1Clwxuf9Lbf0i38YCEjeyR6v2_J8oVIdC0y-0MT2jKujQifBGFoL1T1s5tJSwhqq04N2vBpRjhVnrc9Aox5LWcRf5k5b0JBJGSc5Ks1PdRzLr9zOoo2257hjVU64tkSUFD0nl3tGQy0w3JfTg&sds=2&rev=81333&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Ym0NTgAMU3kKoQWKAABFja1Zh2wPTYluyrXDPQ&u=%7CJk%2FZym3SgfBGe9SNqlIJDzjmk9vqW0OhpGHHHmv6uIY%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdTxuaNL5oFLVMYIExM1x3hiLd1p0ThHUiD-7jw-VdjYsLT8GImq1qBDjIuUK6Kg3VBinPX-FV1QaD-h8UO9afq5UDE2ybodLiRhc78s0RF2lGEfF2COfRoAiNAQYsD_tJ5YXTguvFnZIyrS-9mR96P9vLaCtkgRIgb8s_ATtNGaaDFKeeprmhN35mkqUEyUfYvpFTs8Ie5tfa8NpCps7oEjN2pbzEvSe79eq6lDCo5Mqep_TAP5oyOavzP3VyoQDfLJCCWsHnERnsn8-p_ybYUBGjjr67kHm3_IgV6LITlhPYxictdA5-DySvxDLKhksM67n9oHcO8IvJ421czaIop7g0Mlkh4oGZ9rAb6V5JqmY42DxKM7zReCetVa_pHe5YL97fMEClRRcZvVDFHgUx2xzC799k9AKQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC81MLTg1tYvmmMYqLhAWNi4GoB8me0rFc1Z2R93DAjbcBEAEgAGCV4pCCoAeCARdjYS1wdWItMjg5MzA5MzE2NjAzNDE3MqAB1bbS6gPIAQmpAnSt0hposLE-qAMBqgTiAU_QwhGcU_VPhllVWcFXL-77W9jOls77e9KeXsbtwU_EbkT_Ijbw3tBmjWMis3_hRWUcBNfi49Q4t2zlPd9BSLDNviU0V1Dh0dikq6S7F-W6PXt5YqJKwtzU31kzoX6C4b0GgQW0H6-2BSKMh-si3l-gNPoz2ONEJYNdBCYL4KaC2n4zzUHKUT-emJhW0zTHWV6KEFAS5hSg9JR6eApexrt14clf-NCnkDo380Wmb9PgHM1NIs3xvVlpbvxsdr0G01CqKz8WvosI7h8kmEM7IBZjaz3BPPadGM6etn5ao57U6TuABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_2IOvYivXfZc21Pse9EmjVT7JqD4g%26client%3Dca-pub-2893093166034172%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 30 Apr 2022 10:19:59 GMT
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
strict-transport-security
max-age=31536000; preload;
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220427&jk=2694166182461943&bg=!S0ilSAzNAAZNIUvJbSE7ACkAdvg8Wl9PRKaUqBaVO2IW4vrHFvhYl21MuVLHFz9wxCwLFGogsfDKpwIAAABQUgAAAAJoAQeZAtyugYPP4GeFLKkxXVqs2uXJQlFfReCPbvL6mUbhPgXhNc5lPQ0dbI94zlM1MZXyn8QKWuJYKSuwkT_8NTHh968v16TKxS7-9yereEj6bfIX4iBJ69n2_fZJdyK_kC15tLGKjNh3q3eI6Ba3PAx1vaOLuLIa169cbmYEHPZekKG7CT4o5WCIQSDgUtrGVrmswXlMuxlyXvCUbwX2__SYQciPKxZOhtj4-lffXtMakHi1X0wLz1xmDHMay6HypO5sVMZKX-JL-HiBqzQ_4G1vVOzseWQ7wg8olwTbwfvyhLri1kQVQpqbDb4Lm8MfVb6SZAy4EqDLEwM2noFeS_YD0a4M4Kys1qiONYe6wMSNsyJvNcS5E68eTaNdDN_aebwhB2SN199PW_JsO0dk49HGXYuyD7TvhaTkoNISCb2rnsIbOPgdSytDvwu7KRmou5XFJBViY66bcrjYPq2r17Kum_IkVggbZYyl51vIDKmIlnDb8_8QdwrtBUkxcNrp7znG8iwwwHNKyc7-oYzkO0A0Uci80-1Poc16-YnaE3goGt7cCkxUwREc5kBLixECLF19uGnYaCsR882I_-XCFz51yNxTaFYCL2opeANdJzjjUBAmSG5rYhIz7QTMvyaBdrWl70fqi_Mgs92CAIV4wauv9iN8en9qJDubmyejaERw2-76GxJuhtdRBKyP-Pgbm-AgJE5C9VSgC4aXP13SgjB5d7Oym_0u-95I6wdHI7i6Mhy1FUhl9Jaq4h0GvO7T_vrFS7iOVVSmRAysRm9U0ApeDG4wx8cUdrMCaGYuxpLLBYLwdCaVdtIjoMdJ1JFnL9_pBocTcLbROmwUDFQ4jCHN5ec9K8HdaRP3cpzQvKSylFKE9xkl82rOQfgm8QESu355VcskklEwgTq7x8SkmwoxocD1tcEPlpN3uyR-03FUl_goyhiIPPF3fQWnjhuNUT6o50q6rn45a_umfrHnEvg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://safec.site/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

56 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone function| getScreenDetails function| $ function| jQuery function| play object| adsbygoogle number| myIndex function| carousel number| countDownDate number| x function| gtag object| dataLayer object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac object| google_persistent_state_async boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc object| google_tag_manager string| google_user_agent_client_hint string| GoogleAnalyticsObject function| ga boolean| $curtainopen object| gaplugins object| gaGlobal object| gaData function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| googletag object| GoogleGcLKhOms object| google_image_requests

5 Cookies

Domain/Path Name / Value
.safec.site/ Name: _ga
Value: GA1.2.970377563.1651313999
.safec.site/ Name: _gid
Value: GA1.2.597500094.1651313999
.safec.site/ Name: _gat_gtag_UA_227236341_1
Value: 1
.safec.site/ Name: __gads
Value: ID=07307cace585d4ab-220074ca86cd0066:T=1651313998:RT=1651313998:S=ALNI_MbEkXpS7vwLLPUJq-JhiF_RuY5IGw
.doubleclick.net/ Name: IDE
Value: AHWqTUnpTBvb2nPL6c4Qgn6mIWrNl8vgK70Dct_RXc1zj5cBd1anF1Nu7f_wAl0OMag

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
cat.nl.eu.criteo.com
csm.eu.criteo.net
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
safec.site
secure-gl.imrworldwide.com
static.criteo.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
142.250.185.194
178.250.2.135
178.250.2.148
178.250.2.150
2600:9000:224a:600:1e:a43d:b640:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:800::200a
2a00:1450:4001:80f::2008
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2001
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
35.213.146.96
0021cc31ef85472442faea06bf18b65ffa357924a49287f15a124d7883d0b8f9
05444c2d420c9b5cb3cc72a24ef738f5e8275b748520c4b31e9e08dd29e71088
0665a558389dcda25b4fdd484b46b5fd333a7a795d1ae50d248df9e120e8d3fb
080069b2dce01872cbc2bfcc0b6a2cd9b9a5b9fbb22fc1683ece0cea17aac96f
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0a3e4cb176e9a090bb680a72852b1c70c9dcf3173f6740a0edbe9c125357631c
0e113d7e6bb20f7a8e53dde0ad43e0a60b94069294978feadacd8a12c54ac5ad
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
2f6fb3f7d3365581264c0092b59c516e5ba9e685a459be0e3833923ef845986b
43cf53fa4ebdfbe29282fda16f5e4a2b3f61317021919965fe0914a403f85da6
45c75f4cdba005de22022f42e2988910aff1dcc8102279c9f9e225871be48ced
4debaa04d2f904fbafbc99c074e1f43c082e9d25e400140aa97eac11989dd82e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5419c263072ba3652d01afb2ac096ea0bed32bffd5b719ba06f83a6e7d62917c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5abf7043eb6be5e7e2e10ebe0352f413c425d771321f24b26ade67813903a822
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
67669f07114d3220af05615fbb53e308dd9cfcd6cf1e1317b670a6fb66937b30
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6df314bba3c954d89b4f6cd2778703ec067f78b5f12a18bb950594d21a2c5fd3
6eb960470389c0719fdcd71007165a473a428acfcc2baef804db90ccc2d2deff
70b23f90f010e4e005b63b030e9a64475e61c8154c8d8dc3a9ee097531f9426d
7339fe12f332ac7ecd6e0ef04bb7a48fad9e74be887d67f458548ff33ea4db65
7bc59c486f78be433dde47b94a3176f5c4848e6caaeef7ebcba10bd37c2db92e
7be63a69b522d1e24c1dd321dc597fd5a552b0ba3bc5246ae6f926df7a20cb50
7beafca311d80f096380ca0f406e0bb8c4c104538aa74ec456497fc942db954a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
95f4f9784ae9b3f95c3d8d16d6b1d597927fc983ada31da70e18bd0bb4d6d47c
9b8ae796f30c05937ec5e849cea83f724110455de28d7619809a2b10ea5d803f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1b63680c90d13541a0e07720038d0ba13ef354e795c800c6a149270fee9184d
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5b85959307a49ff97c40546e4387286bf6e600dd8695aa662fd339e7dc1d1b3
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b551e4c75f008ea6c51ed1d0c603f0d39d80513e39a57407a122d1f6bcfeae58
b91ccfe0a57105f436967805126c5f403f2a5478a5270c6e96a9bc1238399576
b9b9757992f409e3497deaff8812986a8592621bdeedb1f65f92cc6659fcefdf
bdc0c59701784258f143dfd4201f28353f080e0900a3530a83702e08c9ff353f
beeb4bec54998475493585ee7ba5c5003c6caeef6abfaac069ba9d691b16e584
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c50e7898cc1a44b195c2a9f1c52140500e3c5358cc505e7433f9e1fcf222e406
cb110f5fc588824092276c56bb54d7f2b95005cf38768a236db670ca2a533442
d6e54193d0c776e8e24de718ffb542cda05e919f05027903053765b1aced504a
dccd009346d7514e18b6b92e46b77bceedad59d0d6f7c6e8e353011054bf13c0
de54735d5dd7bf93373c0eb76088f654f590442928f024437b0d86698a91853a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2fd04ac082ecee400a29137d896b5b84f34abbc116eb2f428dfca6d35ad5848
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fa391de02a2f3377317be109e61b75b6f9a9328a7fdbd401aab1b9c2925b15f4