videoriproduzione.mex.tl Open in urlscan Pro
207.182.141.170 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://videoriproduzione.mex.tl/#0.7984514267228922
Effective URL:
http://videoriproduzione.mex.tl/
Submission: On December 04 via api (December 4th 2023, 10:19:06 pm UTC) from LU — Scanned from DE

Summary HTTP 56 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 56 HTTP transactions. The main IP is 207.182.141.170, located in United States and belongs to ENET-2, US. The main domain is videoriproduzione.mex.tl.

This is the only time videoriproduzione.mex.tl was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
8	207.182.141.170 207.182.141.170	10297 (ENET-2) (ENET-2)
1	2606:4700::68... 2606:4700::6810:f943	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
5	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
9	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
13	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
56	14

8 207.182.141.170 (United States)

ASN10297 (ENET-2, US)
PTR: builder1.pagina.mx

videoriproduzione.mex.tl	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:f943 (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
24	criteo.net static.criteo.net — Cisco Umbrella Rank: 631 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10143 csm.eu.criteo.net — Cisco Umbrella Rank: 9625	361 KB
13	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 tpc.googlesyndication.com — Cisco Umbrella Rank: 148	322 KB
8	mex.tl videoriproduzione.mex.tl	122 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	28 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9522 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16218 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10971	58 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 204	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 206	64 KB
1	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3612	842 B
56	9

	Domain	Requested by
13	imageproxy.eu.criteo.net	ads.eu.criteo.com
9	static.criteo.net	ads.eu.criteo.com
8	pagead2.googlesyndication.com	videoriproduzione.mex.tl pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	videoriproduzione.mex.tl	videoriproduzione.mex.tl
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	csm.eu.criteo.net	ads.eu.criteo.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	www.googletagservices.com	googleads.g.doubleclick.net
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	fast.fonts.net	videoriproduzione.mex.tl
56	14

This site contains no links.

Subject Issuer	Validity	Valid
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-01` - `2024-03-01`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-12-03` - `2024-02-28`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://videoriproduzione.mex.tl/
Frame ID: 68751D229EE5383B09F7B1BFACAD8D4C
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup.html
Frame ID: 8F7C58C8BC30597E59F3AB9AD5C6FAB7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7626426383707726&output=html&adk=1812271804&adf=3025194257&lmt=1504257435&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fvideoriproduzione.mex.tl%2F%230.7984514267228922&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701728342480&bpp=3&bdt=707&idt=262&shv=r20231130&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2431804491220&frm=20&pv=2&ga_vid=1016594027.1701728343&ga_sid=1701728343&ga_hid=799089533&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079714%2C31079864%2C42531706%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1733998888470901&tmod=148946269&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=277
Frame ID: 74D1997368DE2C2C5A5F65B06CE37588
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1
Frame ID: 08564AC8469877B1B57376D2908B8837
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW5QVgAMD6EIEfs0AAyx5MEZUX0GamBQN75u5w&u=%7Cc07gCP36QKdTTQwrWMQfcR6qEL7LZOPFMEu9%2FGBwYqI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAzbwNV_scAGbnK-9rzrehCtRhRxC6CBwLepaDxDcSYyP8mlyxZnKJxqNYSBJR7VfcloTLgzy9NHuueMWWXhh9zzdHzLbmS24wT0MpbO8ePlo2GItSX3kuarD-ppw5QC3v1aK6yoo_p_kqfT25rI8MgK50DBGesL9EYyIhF7-2jnDXCEVMImXThDIaX1nVdeVIJi7z36-SfNTSlhGbD3pwmm46dpxJHRKXPFsQHFrk-ICW5vZD5T-HUMfbCyZTm1EedQyER3WAnJg4iYIEIVmuCbww75E3PQNqO09uZjdO24GEicmklhX-atKVCqaXNP_L3vX9wZRStDC5MDxMjYWbIMu2zfsZ2ObPmNts2JvLlv0dyv-YCbRVzw3wpUq_JPBfkjKIHUep-EiudIFkOOnAWhDW-3FQWwHboJEj51TKEwJjKOpnLUHwD0UFdje8KKlhEd116U5JVx9e7SA83SQYzkmV9bKN7DlPWtFU2UH7n1VcmKn61fMlQOnahxfcTQ4agvH6S5Kl_6TK_ULNVZIerbLpwJNYku0XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC482jVlBuZaGfMLT2x_AP5OOyOMme0rFc9dqW93DAjbcBEAEgAGCV8ouCmAeCARdjYS1wdWItNzYyNjQyNjM4MzcwNzcyNsgBCakCmaQ_vjgmsj6oAwHIAwKqBNkBT9Acdg-ZEe-bCD_lH759EMzfRQD6le8PPkliYHtz11yg2KGvN73yOSSH9k_p5OY447DnH-CdgSYvlwIWWBTiFVOpLLviM_MBllFLk8TW7ScfqhZaci_j4TJAOeLhXNWYj-nESuvaEXQu4wbr6wJYOL9toN7JjtEqoYP5rxqC_CLRkhQddrWRKrIjgRQxtKXDeCoEqI1wMrH0Rs5_k2BYgs_7NQdxqgBDTzgyo9Ix_MEi6pvuAssnEtMU1jhMD1gSDRt7CpGaEAkI4O2v8hI8F-idtGH7-u6mBIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirgYGL6PaCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-Cj77JtucQtJmoJ3mZmPp3bG9zA%26client%3Dca-pub-7626426383707726%26adurl%3D
Frame ID: 68E5BEB7979612596243BEB0F2E8A1AA
Requests: 27 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 53590F1D80EFAB6523CC80ED52F3F4CE
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5EE0A354B2DA65D4BF0D019860F7FE4D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pagina.mx — El sitio web se encuentra bloqueado

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

56
Requests

84 %
HTTPS

85 %
IPv6

9
Domains

14
Subdomains

14
IPs

3
Countries

962 kB
Transfer

2198 kB
Size

3
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

56 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
videoriproduzione.mex.tl/ 2 KB
1 KB 617ms
120ms Document
text/html 207.182.141.170
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://videoriproduzione.mex.tl/
Protocol: HTTP/1.1
Server: 207.182.141.170 , United States, ASN10297 (ENET-2, US),
Reverse DNS: builder1.pagina.mx
Software: nginx /
Resource Hash: c285e3737d5122c911e0912afebc36c82f087011608ff1b1964af650133c44d6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-cache, no-store, max-age=0, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Mon, 04 Dec 2023 22:19:01 GMT
ETag: W/"59a9259b-8e8"
Last-Modified: Fri, 01 Sep 2017 09:17:15 GMT
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 200
OK bootstrap.css
videoriproduzione.mex.tl/css/lib/ 26 KB
6 KB 121ms
120ms Stylesheet
text/css 207.182.141.170
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://videoriproduzione.mex.tl/css/lib/bootstrap.css
Requested by: Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/
Protocol: HTTP/1.1
Server: 207.182.141.170 , United States, ASN10297 (ENET-2, US),
Reverse DNS: builder1.pagina.mx
Software: nginx /
Resource Hash: 2fd383222c3de68d03044f73a0b2f729ac702a25abbf7898fd1a0658f7b669bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 22:19:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jun 2016 15:09:02 GMT
Server: nginx
ETag: W/"5775360e-66cd"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=7776000, must-revalidate, public
Connection: keep-alive

GET
H/1.1 200
OK base.css
videoriproduzione.mex.tl/css/ 262 KB
39 KB 250ms
129ms Stylesheet
text/css 207.182.141.170
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://videoriproduzione.mex.tl/css/base.css
Requested by: Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/
Protocol: HTTP/1.1
Server: 207.182.141.170 , United States, ASN10297 (ENET-2, US),
Reverse DNS: builder1.pagina.mx
Software: nginx /
Resource Hash: 0dae81fba726382a2162564a9a9804b5ae74f85de021eef4a049b948a8180011

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 22:19:01 GMT
Content-Encoding: gzip
Last-Modified: Tue, 29 Aug 2017 09:20:47 GMT
Server: nginx
ETag: W/"59a531ef-418db"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=7776000, must-revalidate, public
Connection: keep-alive

GET
H/1.1 200
OK system_messages.css
videoriproduzione.mex.tl/css/markup/ 1 KB
934 B 246ms
124ms Stylesheet
text/css 207.182.141.170
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://videoriproduzione.mex.tl/css/markup/system_messages.css
Requested by: Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/
Protocol: HTTP/1.1
Server: 207.182.141.170 , United States, ASN10297 (ENET-2, US),
Reverse DNS: builder1.pagina.mx
Software: nginx /
Resource Hash: c2db341e3768780a6c7cb6e6814b127b77ce13aee40259e0da4dafc0a2b970e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 22:19:01 GMT
Content-Encoding: gzip
Last-Modified: Thu, 30 Jun 2016 15:09:02 GMT
Server: nginx
ETag: W/"5775360e-5d2"
Transfer-Encoding: chunked
Content-Type: text/css
Cache-Control: max-age=7776000, must-revalidate, public
Connection: keep-alive

GET
H/1.1 200
OK earth.png
videoriproduzione.mex.tl/img/markup/ 6 KB
6 KB 245ms
123ms Image
image/png 207.182.141.170
ENET-2

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://videoriproduzione.mex.tl/img/markup/earth.png
Requested by: Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/
Protocol: HTTP/1.1
Server: 207.182.141.170 , United States, ASN10297 (ENET-2, US),
Reverse DNS: builder1.pagina.mx
Software: nginx /
Resource Hash: af449e811ff4c91af22b20548629f37bd35696077f302eb2d6d81c79cfc00fee

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 22:19:01 GMT
Last-Modified: Thu, 30 Jun 2016 15:09:02 GMT
Server: nginx
ETag: "5775360e-185e"
Content-Type: image/png
Cache-Control: max-age=7776000, must-revalidate, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 6238

GET
H/1.1 200
OK requirejs.min.js Show response
videoriproduzione.mex.tl/js/lib/ 15 KB
7 KB 246ms
125ms Script
application/javascript 207.182.141.170
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://videoriproduzione.mex.tl/js/lib/requirejs.min.js
Requested by: Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/
Protocol: HTTP/1.1
Server: 207.182.141.170 , United States, ASN10297 (ENET-2, US),
Reverse DNS: builder1.pagina.mx
Software: nginx /
Resource Hash: 6fb41ef8f016dba778776bace6798451806c3488cc0996170d7ebceca7b21db9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 22:19:01 GMT
Content-Encoding: gzip
Last-Modified: Mon, 11 Sep 2023 18:36:09 GMT
Server: nginx
ETag: W/"64ff5e19-3dad"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=7776000, must-revalidate, public
Connection: keep-alive

GET
H/1.1 200
OK requireConf.js Show response
videoriproduzione.mex.tl/js/ 46 KB
10 KB 122ms
122ms Script
application/javascript 207.182.141.170
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://videoriproduzione.mex.tl/js/requireConf.js
Requested by: Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/
Protocol: HTTP/1.1
Server: 207.182.141.170 , United States, ASN10297 (ENET-2, US),
Reverse DNS: builder1.pagina.mx
Software: nginx /
Resource Hash: bba94b1757206b2bb2025abc4d1563aeed1532d92c9270f1a9b106b5ee26c427

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 22:19:02 GMT
Content-Encoding: gzip
Last-Modified: Fri, 01 Sep 2017 09:17:15 GMT
Server: nginx
ETag: W/"59a9259b-b9dc"
Transfer-Encoding: chunked
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=7776000, must-revalidate, public
Connection: keep-alive

GET
H/1.1 200
OK 1.css
fast.fonts.net/t/ 0
842 B 45ms
25ms Stylesheet
text/css 2606:4700::6810:f943
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: http://fast.fonts.net/t/1.css?apiType=css&projectid=eaf19cf5-485d-41eb-803b-07b10d75c4ce
Requested by: Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/css/base.css
Protocol: HTTP/1.1
Server: 2606:4700::6810:f943 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 22:19:02 GMT
x-amz-version-id: null
CF-Cache-Status: HIT
x-amz-request-id: 2WETTBRTRBS42D2E
Age: 18928
Connection: keep-alive
Content-Length: 0
x-amz-id-2: WG7N+AulaLjzkDQ8UMOLh+wYEZmPqkKb9rLHaos8IrRxfq9Mjfu58LSV+ud17wyGjHlmBGCYKIY=
Last-Modified: Tue, 23 Mar 2021 12:59:23 GMT
Server: cloudflare
ETag: "d41d8cd98f00b204e9800998ecf8427e"
Vary: Accept-Encoding
Content-Type: text/css; charset=utf-8
Cache-Control: public, max-age=0, s-maxage=604800
Accept-Ranges: bytes
CF-RAY: 83076dbb5e0165c4-FRA
x-amz-meta-mtime: 1519217722

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 176 KB
58 KB 113ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7626426383707726

Requested by

Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/js/lib/requirejs.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1aad70d57af00c8c427bf3c9e7a3f2c1454dd17a6561ef71f9b05020da646023

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59359
x-xss-protection: 0
server: cafe
etag: 5046376603905904795
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 22:19:02 GMT

GET
H/1.1 200
OK 8b1d5802-f86f-4cc1-95a8-261eabda1d22.woff2
videoriproduzione.mex.tl/fonts/baseFont/ 49 KB
50 KB 120ms
120ms Font
application/octet-stream 207.182.141.170
ENET-2

General

Check archive.org

Show headers Download Go to

Full URL: http://videoriproduzione.mex.tl/fonts/baseFont/8b1d5802-f86f-4cc1-95a8-261eabda1d22.woff2
Requested by: Host: videoriproduzione.mex.tl
URL: http://videoriproduzione.mex.tl/css/base.css
Protocol: HTTP/1.1
Server: 207.182.141.170 , United States, ASN10297 (ENET-2, US),
Reverse DNS: builder1.pagina.mx
Software: nginx /
Resource Hash: bfcc1ef464c127eb2db10bffe6543d295ba77867bc941688a7632ef2bb61f715

Request headers

Referer: http://videoriproduzione.mex.tl/css/base.css
Origin: http://videoriproduzione.mex.tl
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Date: Mon, 04 Dec 2023 22:19:02 GMT
Last-Modified: Thu, 30 Jun 2016 15:09:02 GMT
Server: nginx
ETag: "5775360e-c554"
Content-Type: application/octet-stream
Cache-Control: max-age=7776000, must-revalidate, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 50516

GET
H2 200 show_ads_impl_with_ama.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 458 KB
149 KB 84ms
83ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama.js?client=ca-pub-7626426383707726&plah=videoriproduzione.mex.tl

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7626426383707726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e0a1045df50b87dc7c5e162df3df0729722efa7328e446ec99a92563b8118cda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 152839
x-xss-protection: 0
server: cafe
etag: 17694653926908627914
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 22:19:02 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/ Frame 8F7C 10 KB
5 KB 56ms
18ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7626426383707726

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://videoriproduzione.mex.tl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69572
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 02:59:30 GMT
etag: 1201167979857287204
expires: Mon, 18 Dec 2023 02:59:30 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 74D1 54 KB
19 KB 146ms
145ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7626426383707726&output=html&adk=1812271804&adf=3025194257&lmt=1504257435&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=http%3A%2F%2Fvideoriproduzione.mex.tl%2F%230.7984514267228922&ea=0&pra=5&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&dt=1701728342480&bpp=3&bdt=707&idt=262&shv=r20231130&mjsv=m202311290101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2431804491220&frm=20&pv=2&ga_vid=1016594027.1701728343&ga_sid=1701728343&ga_hid=799089533&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C31079714%2C31079864%2C42531706%2C44807764%2C44808149%2C44808285%2C44809072&oid=2&pvsid=1733998888470901&tmod=148946269&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=277

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/show_ads_impl_with_ama.js?client=ca-pub-7626426383707726&plah=videoriproduzione.mex.tl

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

080289441285078a84dd334f9bef7d44d91eb65805e68d2d82d275f2dee60602

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://videoriproduzione.mex.tl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 19278
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:19:02 GMT
expires: Mon, 04 Dec 2023 22:19:02 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 191ms
131ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231130&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a0cbfc26e46acf9401ada0f4aee35b9931972f31c37daf291d91321f5adb6a92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12267
x-xss-protection: 0

GET
H3 200 reactive_library.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/ 189 KB
63 KB 81ms
80ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311290101/reactive_library.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d1bbcc22002c38cdcc155d1e62adc86a462466d5a08a17ef51894c1fa19c5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63967
x-xss-protection: 0
server: cafe
etag: 913833650493386283
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Mon, 04 Dec 2023 22:19:02 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/ Frame 0856 10 KB
4 KB 28ms
25ms Document
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://videoriproduzione.mex.tl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29803
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4505
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 14:02:20 GMT
etag: 1201167979857287204
expires: Mon, 18 Dec 2023 14:02:20 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 68E5 195 KB
58 KB 148ms
103ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW5QVgAMD6EIEfs0AAyx5MEZUX0GamBQN75u5w&u=%7Cc07gCP36QKdTTQwrWMQfcR6qEL7LZOPFMEu9%2FGBwYqI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAzbwNV_scAGbnK-9rzrehCtRhRxC6CBwLepaDxDcSYyP8mlyxZnKJxqNYSBJR7VfcloTLgzy9NHuueMWWXhh9zzdHzLbmS24wT0MpbO8ePlo2GItSX3kuarD-ppw5QC3v1aK6yoo_p_kqfT25rI8MgK50DBGesL9EYyIhF7-2jnDXCEVMImXThDIaX1nVdeVIJi7z36-SfNTSlhGbD3pwmm46dpxJHRKXPFsQHFrk-ICW5vZD5T-HUMfbCyZTm1EedQyER3WAnJg4iYIEIVmuCbww75E3PQNqO09uZjdO24GEicmklhX-atKVCqaXNP_L3vX9wZRStDC5MDxMjYWbIMu2zfsZ2ObPmNts2JvLlv0dyv-YCbRVzw3wpUq_JPBfkjKIHUep-EiudIFkOOnAWhDW-3FQWwHboJEj51TKEwJjKOpnLUHwD0UFdje8KKlhEd116U5JVx9e7SA83SQYzkmV9bKN7DlPWtFU2UH7n1VcmKn61fMlQOnahxfcTQ4agvH6S5Kl_6TK_ULNVZIerbLpwJNYku0XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC482jVlBuZaGfMLT2x_AP5OOyOMme0rFc9dqW93DAjbcBEAEgAGCV8ouCmAeCARdjYS1wdWItNzYyNjQyNjM4MzcwNzcyNsgBCakCmaQ_vjgmsj6oAwHIAwKqBNkBT9Acdg-ZEe-bCD_lH759EMzfRQD6le8PPkliYHtz11yg2KGvN73yOSSH9k_p5OY447DnH-CdgSYvlwIWWBTiFVOpLLviM_MBllFLk8TW7ScfqhZaci_j4TJAOeLhXNWYj-nESuvaEXQu4wbr6wJYOL9toN7JjtEqoYP5rxqC_CLRkhQddrWRKrIjgRQxtKXDeCoEqI1wMrH0Rs5_k2BYgs_7NQdxqgBDTzgyo9Ix_MEi6pvuAssnEtMU1jhMD1gSDRt7CpGaEAkI4O2v8hI8F-idtGH7-u6mBIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirgYGL6PaCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-Cj77JtucQtJmoJ3mZmPp3bG9zA%26client%3Dca-pub-7626426383707726%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e14dc90e5582d766f79351d3148aa520cf90eece088178a12e9d163fc3926344

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:19:03 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=3xSQTyVt51mKNg10Do4bdSev4wf1e0qK7R5yjfzGcmdA7z9IlqYRJHlmCTrMrZ1kXp0Nj3-eFN7Migsz-iWJ-x7e5PM-ed2L7_45y8hVTs8vRUDrWOKEo0ktg8MRC-3XtxIoc_-sCMKoMALLqL6lif5QDfgsxtEYRx1mGjAkj5pcaj5ZDVqkiGzzQVErLhs50dXP3oBZPDzKZFHDvxgWNRLkksrF6lDxE_XJ0BvU33M2uGIyGxwaaTlVfgv6r6E3JxXduA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 54268479
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0856 3 KB
1 KB 76ms
27ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/window_focus.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:19:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 10784
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1307
x-xss-protection: 0
server: cafe
etag: 18393213423120915576
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:19:19 GMT

GET
H2 200 qs_click_protection.js Show response
tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/ Frame 0856 30 KB
12 KB 69ms
21ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231129/r20110914/client/qs_click_protection.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

10b893e654a9f5201e21255bda9375b8de974251975e4c1533e463740b499cd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 19:54:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 8664
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11776
x-xss-protection: 0
server: cafe
etag: 13853050904789882092
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Dec 2023 19:54:39 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0856 202 KB
64 KB 71ms
65ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65067
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1701261208926228"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 04 Dec 2023 22:19:03 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 73ms
53ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Mon, 04 Dec 2023 22:19:03 GMT

GET
DATA 200
OK truncated
/ Frame 0856 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1094dc62f0866d2360688472906cfb25535999633992b0e302ba8baf0c078076

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 5359 13 KB
5 KB 25ms
24ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://videoriproduzione.mex.tl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1114
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:00:29 GMT
expires: Tue, 03 Dec 2024 22:00:29 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5EE0 829 B
1 KB 105ms
49ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

63dd1fd756115fdef9a73c2e28699b847a07800f5abb080cd5636579bb72eb8b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-qe7E4xYhHYf-gPv8qJYiXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://videoriproduzione.mex.tl/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-qe7E4xYhHYf-gPv8qJYiXQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 04 Dec 2023 22:19:03 GMT
expires: Mon, 04 Dec 2023 22:19:03 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0856 0
23 B 68ms
68ms Image
text/html 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C2gp1VlBuZaGfMLT2x_AP5OOyOMme0rFc9dqW93DAjbcBEAEgAGCV8ouCmAeCARdjYS1wdWItNzYyNjQyNjM4MzcwNzcyNsgBCakCmaQ_vjgmsj6oAwHIAwKqBNYBT9Acdg-ZEe-bCD_lH759EMzfRQD6le8PPkliYHtz11yg2KGvN73yOSSH9k_p5OY447DnH-CdgSYvlwIWWBTiFVOpLLviM_MBllFLk8TW7ScfqhZaci_j4TJAOeLhXNWYj-nESuvaEXQu4wbr6wJYOL9toN7JjtEqoYP5rxqC_CLRkhQddrWRKrIjgRQxtKXDeCoEqI1wMrH0Rs5_k2BYgs_7NQdxqgBDTzgyo9Ix_MFg6Lp8glj3L3XE8eLAL7G2AzxxvJu0CIu8KNAJAK0iO_AFfvXbE4AG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirgYGL6PaCA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi03NjI2NDI2MzgzNzA3NzI2GAA&sigh=T2zJjHYFUCs&uach_m=%5BUACH%5D&cid=CAQSTwDICaaN3alKSWR73XUKhj5xkE-d6wn7Gno9zYbiBwT9v5GRHX9gQqopPk30vBmZ34FIRQrpPYO6d_B6qLpK9hyv1s2WpVQNF7R1QhyQRzcYAQ&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Mon, 04 Dec 2023 22:19:03 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Mon, 04 Dec 2023 22:19:03 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 0856 0
126 B 83ms
27ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kKW_EMz6RO0HfJ2DYgICAAAA1EjawcoXoLUQVVBuZUOy5DL-V5UA_lEAABIAAAoKQVFVQkFRRUJBUQ&wp=ZW5QVgAMD6EIEfs0AAyx5MEZUX0GamBQN75u5w&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 153099
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 68E5 2 KB
1 KB 104ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZW5QVgAMD6EIEfs0AAyx5MEZUX0GamBQN75u5w&u=%7Cc07gCP36QKdTTQwrWMQfcR6qEL7LZOPFMEu9%2FGBwYqI%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANdxyL-B-DE_nzX6rileTfAzbwNV_scAGbnK-9rzrehCtRhRxC6CBwLepaDxDcSYyP8mlyxZnKJxqNYSBJR7VfcloTLgzy9NHuueMWWXhh9zzdHzLbmS24wT0MpbO8ePlo2GItSX3kuarD-ppw5QC3v1aK6yoo_p_kqfT25rI8MgK50DBGesL9EYyIhF7-2jnDXCEVMImXThDIaX1nVdeVIJi7z36-SfNTSlhGbD3pwmm46dpxJHRKXPFsQHFrk-ICW5vZD5T-HUMfbCyZTm1EedQyER3WAnJg4iYIEIVmuCbww75E3PQNqO09uZjdO24GEicmklhX-atKVCqaXNP_L3vX9wZRStDC5MDxMjYWbIMu2zfsZ2ObPmNts2JvLlv0dyv-YCbRVzw3wpUq_JPBfkjKIHUep-EiudIFkOOnAWhDW-3FQWwHboJEj51TKEwJjKOpnLUHwD0UFdje8KKlhEd116U5JVx9e7SA83SQYzkmV9bKN7DlPWtFU2UH7n1VcmKn61fMlQOnahxfcTQ4agvH6S5Kl_6TK_ULNVZIerbLpwJNYku0XE&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC482jVlBuZaGfMLT2x_AP5OOyOMme0rFc9dqW93DAjbcBEAEgAGCV8ouCmAeCARdjYS1wdWItNzYyNjQyNjM4MzcwNzcyNsgBCakCmaQ_vjgmsj6oAwHIAwKqBNkBT9Acdg-ZEe-bCD_lH759EMzfRQD6le8PPkliYHtz11yg2KGvN73yOSSH9k_p5OY447DnH-CdgSYvlwIWWBTiFVOpLLviM_MBllFLk8TW7ScfqhZaci_j4TJAOeLhXNWYj-nESuvaEXQu4wbr6wJYOL9toN7JjtEqoYP5rxqC_CLRkhQddrWRKrIjgRQxtKXDeCoEqI1wMrH0Rs5_k2BYgs_7NQdxqgBDTzgyo9Ix_MEi6pvuAssnEtMU1jhMD1gSDRt7CpGaEAkI4O2v8hI8F-idtGH7-u6mBIAG3IqBvYCDxve2AaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCB0IgOGAEBABMgKqAjoCgEBIvf3BOlirgYGL6PaCA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_3-Cj77JtucQtJmoJ3mZmPp3bG9zA%26client%3Dca-pub-7626426383707726%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 68E5 2 KB
1 KB 102ms
40ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 68E5 308 B
637 B 84ms
23ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 68E5 293 B
621 B 88ms
27ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 68E5 43 B
348 B 89ms
28ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=N9JACHsnO68UYrYiDu2RaQt1qcxyiBk5FzQacZfsIii6p5DebZ-6pG1Efx4yU6rW_qv6S7nVQZTKgJ6Mk5W3iG5fPOtGSxxeZwCORyFLZWSdGIi9Ls50dbrZH8WSXHQScc-HOUJjQYKSwQ09jVfy1ApAg-QT3JE4hSL2pSUXxJweKGw2H86Gi_XaqDbxfwcFYmbVs3rXsviAo5raP4xNwHkMXMbkyMsNfXDVxZqsON43dsL0V5GLA1xfVabaX569Hz61XcqturXsEn_vblhKn232deA5IbgcfMV1gsZ8qgAzzVUXTINFI80PCbaASVdXL44PAJKY_sDuP4n4bP92qFAKxOR7UPxJOSH28ovVQJHxDdrvWdqU-dSwJ8JUHvQ9NyFscAPvxLhBdPZLDeFrN-GAJQBPtbSkAh52hKH6NNaGhvqm

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1609710
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 68E5 12 KB
5 KB 55ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 334138
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8MiU8pxlabg%2F9DvIOPrHNbCrJHP75sfEkXy5m0qcuN5jPYh1zqp15Lp%2FeRsUbUZxSuQugF8DP3rbQHDtrIw3xtmuqweBdNYgqT%2FxXqky3vmwAEA%2FTxucDCEsOlNmiGLa4YOFMvsYanXlZxRpQc%2F2mCVW"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 83076dc18afc4dbf-FRA
expires: Sat, 23 Nov 2024 22:19:03 GMT

GET
H3 200 Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js Show response
pagead2.googlesyndication.com/bg/ Frame 5359 39 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Dtt_-LR3WxpzwV0Gscftq1A_D1owstvxoTnWWhwY4Ow.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 21:09:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4151
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15165
x-xss-protection: 0
last-modified: Tue, 28 Nov 2023 18:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 03 Dec 2024 21:09:52 GMT

GET
H2 200 0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff
static.criteo.net/design/dt/ Frame 68E5 38 KB
38 KB 107ms
60ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/0d5410bc9c3e437daf6999836d04f18f_ubuntu-medium.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-97a8"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H2 200 ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff
static.criteo.net/design/dt/ Frame 68E5 46 KB
46 KB 137ms
89ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/ec51d215a5904df99ebfe8eacf21246e_ubuntu-light.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 02 Oct 2018 14:57:25 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5bb38755-b778"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 68E5 12 KB
6 KB 38ms
37ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 4 KB
4 KB 80ms
22ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=244&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F1344%2F230413%2Fc53e5f9a71444a36ae4d74a664fc7269_logo_n_horizontal_4.png&v=3&w=196&rid=4&s=I-NWNHuipLIqog3zV6XJrMog

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

59d8b805b12d336d283666c0148287dfd4238f893d5ed7364ac9b542eb160853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3824
expires: Wed, 13 Nov 2024 04:47:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 21 KB
21 KB 126ms
68ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1697096973%2F23157672-pNV9Uim9.jpg&v=3&w=800&rid=4&s=Z6t8gyIxKP58JQRhAxd7ZPGv&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2e6a3ff189ca0eba8c6f25e38ffc2d832a4eae24a273461d82c9093a280ac613

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 21732
expires: Fri, 08 Dec 2023 07:05:57 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 354 B
568 B 79ms
21ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fbonprix%2Fstarrating%2Fstar_4.png&v=3&w=400&rid=4&s=u4d8gANmsyX95m5QENytTHgL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

cfb9ab1e326d1a30bb341a4d74db9b750c6c4aebb6304ad1264b1761c6b280d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 354
expires: Thu, 07 Nov 2024 18:17:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 21 KB
22 KB 105ms
48ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1697097004%2F23159888-kLV9YUnF.jpg&v=3&w=800&rid=4&s=ffry30DretVB-tLBxO15HOtf&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e61688b09616d55d4d92f4449f07074c474cd0849c8eb80f07e079d8245a04c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 21932
expires: Fri, 08 Dec 2023 07:24:34 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 29 KB
29 KB 115ms
58ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1597867630%2F20141832-zkIotUf2.jpg&v=3&w=800&rid=4&s=hc6cX-vKElgN5RJROs8x184H&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

97fc356d2c1d75816f8f8073f09f8a82f3adcfcdbcb8e1c1d9dd59bd098fb0fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 29746
expires: Fri, 08 Dec 2023 14:38:18 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 14 KB
15 KB 114ms
57ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1698820208%2F23187920-b847jtYl.jpg&v=3&w=800&rid=4&s=eDTrfuJU5uOPAAh_Vm3lIosk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

c9a4b8a988c7cc1a774eb6f2eb421d30d5a5056619231c10c865f4456718ccf7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 14788
expires: Sun, 10 Dec 2023 17:43:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 1 KB
2 KB 102ms
93ms Image
image/png 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=400&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2Fbonprix%2F20230502%2F200x65_neulabel_criteo_de.png&v=3&w=400&rid=4&s=LMbwVQqqZkIT_OqRJg0FwumN

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

a71193943da4f3877526c6f868c74c829bff69efae4a45b82b51eed31916dc74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 1484
expires: Wed, 06 Nov 2024 17:07:28 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 22 KB
22 KB 102ms
93ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1694766993%2F23160666-Fg1QWqwq.jpg&v=3&w=800&rid=4&s=lYjMBu51DBM4-JhnH18s69A7&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4a906327b4873a075117a42516dc3222260300ec7258c369434a52a80bbf6f5e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 22146
expires: Fri, 08 Dec 2023 07:25:49 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 19 KB
19 KB 97ms
95ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1601493353%2F20180382-N0inxnGn.jpg&v=3&w=800&rid=4&s=XRo0onD6xp7Qx4iuumENhMMs&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5664724ebd656bb29a93d2947196bd9061fcff8de047b1f37f4443ae6b613d02

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 19386
expires: Fri, 08 Dec 2023 13:59:44 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 13 KB
13 KB 98ms
95ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1700121691%2F23203635-Ffj0pTas.jpg&v=3&w=800&rid=4&s=oPzBeBuOTxg1HaLF6k6-7UVj&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2ef365ce10f8e902fa8f33288e6d99c6e5f545970ce00e74e2a46c70f6d6c3b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 13424
expires: Fri, 08 Dec 2023 08:30:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 11 KB
11 KB 98ms
96ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1592825564%2F17225227-6RUSDSG1.jpg&v=3&w=800&rid=4&s=UqIA11-EOa7qpmwx5OVxfVr6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b39fdafd759050ef5d851bd6f584c4b376cd8b1a36ab173ab396fe5444ade3f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 11062
expires: Fri, 08 Dec 2023 13:15:40 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 7 KB
8 KB 99ms
96ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=3018&q=80&r=2&u=https%3A%2F%2Fimage01.bonprix.de%2Fassets%2F1400x1960%2F1582102687%2F18095766-ny4LsMV4.jpg&v=3&w=800&rid=4&s=byvQW6nxnIBNk6jsXNdVBYmN&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

aeb0a5d5c62f3150f5642dc31e5cbe034ca63cba96fdf53a36f3e2a3cfa650c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=604800
timing-allow-origin: *
content-length: 7576
expires: Sun, 10 Dec 2023 07:40:33 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 68E5 98 KB
98 KB 99ms
97ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=3018&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3018%2F5095324%2F08d2a032bcfa4e3397c543e7e42e269f_img_horizontal_2.jpg&v=3&w=1200&rid=4&s=UaZ_dKyJgyV3Vzwfkj4EX2pv

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

04893dd1f8940993e737f27a4c32ff4e69ab425543450a0c5ecffe4db1dba86f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 100106
expires: Sat, 09 Nov 2024 10:35:59 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 68E5 0
128 B 79ms
23ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=3xSQTyVt51mKNg10Do4bdSev4wf1e0qK7R5yjfzGcmdA7z9IlqYRJHlmCTrMrZ1kXp0Nj3-eFN7Migsz-iWJ-x7e5PM-ed2L7_45y8hVTs8vRUDrWOKEo0ktg8MRC-3XtxIoc_-sCMKoMALLqL6lif5QDfgsxtEYRx1mGjAkj5pcaj5ZDVqkiGzzQVErLhs50dXP3oBZPDzKZFHDvxgWNRLkksrF6lDxE_XJ0BvU33M2uGIyGxwaaTlVfgv6r6E3JxXduA&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 22:19:02 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 68E5 2 KB
1 KB 36ms
36ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 68E5 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 28 Nov 2024 22:19:03 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 5EE0 0
0 54ms
53ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231130&jk=1733998888470901&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 5359 0
10 B 25ms
24ms Image
text/plain 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?fItOUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

date: Mon, 04 Dec 2023 22:19:03 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
49ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231130&jk=1733998888470901&bg=!YWKlYi3NAAY3kmNgF5I7ADQBe5WfOMHtw_rkKpHCsL8ixXRHEX3xdZWy9zHD9NvvRuwWTwQ6TD8lEwAOtrY1ILDOw2EqAgAAAD1SAAAAAmgBBwoAypts-J-mefqpG6Ig7FaYk-E46QEo58IjNnYD4gm8GKkC3r7SnMtyCgkD1G9Yw4E7VE5MLlwHliBwrh5lkctgD-Xt31JFOYiBfQzwrXiuZShtYJ_G8_V1ZgNEhlOZtU7w7scPAyH7HcciY8iv0PJgWj142GqDfJ59P3AV510BKLHFKj85u10kjcvSXTQIYj1uUZkldg63HYdAe0O6zFFathCOsibbTTmM3IxNV7Gzu-7zkanAFsmFZPFrCTpYCOhemTuWNwEXWh3KCiSZAr9vgGnU_eO_FOqkWPqowNiJNpeabxm_1Yh3c19A4d_LSmE78YCU9VgwdrsDF0xeH6aqsH__M6Ba7xi38gOYvOzBWGwBuPLR-RxkbFaR4AA5egWxDMXowqWclDQMI4pFdNiJHS6pC6WZDJAXWH1R4Q-nae0KJLrUxh55zvVcp6cxnSttZnNqlmsUJS513SFD6c-z80lazTO1hWEYM_Ez_64_ffrQFUv4JdtpBWYMs_NBKMXkZUTRrAwwrbCmgAFiZflMuKlqjQMglfviI2VURDotnr8cdY5MXlm9ilWyz-1kob800G1C8P_sY1tgFaWt0H-CJn-L_MEzSONBPBZ2Vn5dtmA3Q97vIv7Nao3uULte8SKo-Ys2DT_3U6L_FofaQ2lzlht_MVe9PPD-RkzxRPWpi7VwrkqPqf1r-vnp_0sGS9MtAs6oSlqlHscMpARLFQthcZPxVpmw-dWAtc_HRcrrEFWLrR9Nrq784XNgGwJbC8pNQ-BsriAkRnLhhonPaM7WjM24O1jiMy9plI1Q76VR4hc81MrUpg31-1arW7yTCb1cuTDDIUfCfqflnjmBpJpOzFP4P2VQdTHxWjStgMaGftXbIH1hEEWCUcvtkjYn-OUgw0HWJOBpP52Apft3t8aeHI_AYXPFFIB0RQJedb_l0PFbcFQwemHQqMpOMhhUdMF9i25blPwzsdoe8ZxVY-sDLl-GLpM1pvQhKx0qfZeNHoyUQWnjtNur3LVHvaNqqlgqu96vkaJ8SC6PECkGomvQTJ3iFZ5gXpxVvSGSfCZ592ggsmQDEVLh4k6w8ATkF-N14hwmw1dP6b7Xshb-mVr4upGXE7IQitqVTxTgfcZI-odNFySw0fd24dKdkRG0dgj5uNuEWH-9G_ZRUcHN2uTY2jbre7ezz9uKWy6_ex5Hg7Q5pAJHizVWmheOeugq
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://videoriproduzione.mex.tl/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 0856 42 B
64 B 52ms
51ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvzQN5Y0AXmxb0xSAI9fSq1Ok56F7gMMpc7ENMyE-mJI1tiDrNHJwdilo1Fb-_jViZp7DfDoAEizQX6XCY4s-5Y8X6paHe7uy6MOE8sCsfrgLT3RP3F&sig=Cg0ArKJSzJLun1t8tz77EAE&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=84,767,1000,1113,1213&tos=84,683,233,113,100&v=20231129&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&vs=4&r=v&rst=1701728343046&rpt=175&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Dec 2023 22:19:04 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 68E5 0
127 B 14ms
14ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.138 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Mon, 04 Dec 2023 22:19:04 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

39 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

3 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.mex.tl/	1970-01-21 02:03:44	Name: __gads Value: ID=a894abe957fe7ead:T=1701728342:RT=1701728342:S=ALNI_MYdS5bc9p36GD3MVY4c15b5r-maXg
.mex.tl/	1970-01-21 02:03:44	Name: __gpi Value: UID=00000d0ae8931a06:T=1701728342:RT=1701728342:S=ALNI_MbI4E7GG3yt9XuWLgVashcBkiHvmQ
.doubleclick.net/	1970-01-21 02:03:44	Name: IDE Value: AHWqTUkYY0ASNpHCuDm_XSrrf5VC1RjzlfJru2J5YWAm7GVYEJ4iNf41MuCA5x-iaLY

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/html/r20231130/r20110914/zrt_lookup.html?fsb=1(Line 19) Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fast.fonts.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
videoriproduzione.mex.tl
www.google.com
www.googletagservices.com
178.250.1.6
207.182.141.170
2606:4700::6810:f943
2606:4700::6811:190e
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:80f::2002
2a00:1450:4001:828::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
04893dd1f8940993e737f27a4c32ff4e69ab425543450a0c5ecffe4db1dba86f
080289441285078a84dd334f9bef7d44d91eb65805e68d2d82d275f2dee60602
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0dae81fba726382a2162564a9a9804b5ae74f85de021eef4a049b948a8180011
0edb7ff8b4775b1a73c15d06b1c7edab503f0f5a30b2dbf1a139d65a1c18e0ec
1094dc62f0866d2360688472906cfb25535999633992b0e302ba8baf0c078076
10b893e654a9f5201e21255bda9375b8de974251975e4c1533e463740b499cd8
1aad70d57af00c8c427bf3c9e7a3f2c1454dd17a6561ef71f9b05020da646023
1adb10c9a5878dd4306d66ff94ae27a07cbe47f57b34dec9a807e5d2d426eee0
2e6a3ff189ca0eba8c6f25e38ffc2d832a4eae24a273461d82c9093a280ac613
2ef365ce10f8e902fa8f33288e6d99c6e5f545970ce00e74e2a46c70f6d6c3b6
2fd383222c3de68d03044f73a0b2f729ac702a25abbf7898fd1a0658f7b669bf
424e0b4ae8208523253ee3d56f6ce82fdf46c978f5008bfa5e78bafebf779fbd
4a906327b4873a075117a42516dc3222260300ec7258c369434a52a80bbf6f5e
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5664724ebd656bb29a93d2947196bd9061fcff8de047b1f37f4443ae6b613d02
59d8b805b12d336d283666c0148287dfd4238f893d5ed7364ac9b542eb160853
5d1bbcc22002c38cdcc155d1e62adc86a462466d5a08a17ef51894c1fa19c5fd
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
63dd1fd756115fdef9a73c2e28699b847a07800f5abb080cd5636579bb72eb8b
6fb41ef8f016dba778776bace6798451806c3488cc0996170d7ebceca7b21db9
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
88a577b7767cbe34315ff67366be5530949df573931dd9c762c2c2e0434c5b8a
8d6af87f2e8ab6ba751d5bda81faf18aed637f3c43f3f5c25acfcdb8dc674a92
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
97fc356d2c1d75816f8f8073f09f8a82f3adcfcdbcb8e1c1d9dd59bd098fb0fe
a0cbfc26e46acf9401ada0f4aee35b9931972f31c37daf291d91321f5adb6a92
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71193943da4f3877526c6f868c74c829bff69efae4a45b82b51eed31916dc74
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
aeb0a5d5c62f3150f5642dc31e5cbe034ca63cba96fdf53a36f3e2a3cfa650c0
af449e811ff4c91af22b20548629f37bd35696077f302eb2d6d81c79cfc00fee
b39fdafd759050ef5d851bd6f584c4b376cd8b1a36ab173ab396fe5444ade3f9
bba94b1757206b2bb2025abc4d1563aeed1532d92c9270f1a9b106b5ee26c427
bfcc1ef464c127eb2db10bffe6543d295ba77867bc941688a7632ef2bb61f715
c285e3737d5122c911e0912afebc36c82f087011608ff1b1964af650133c44d6
c2db341e3768780a6c7cb6e6814b127b77ce13aee40259e0da4dafc0a2b970e4
c9a4b8a988c7cc1a774eb6f2eb421d30d5a5056619231c10c865f4456718ccf7
ce8b0ce00b853304b4500a3e0273c2ee8123ec998d9ea4bc1a2b3e97c573b61f
cfb9ab1e326d1a30bb341a4d74db9b750c6c4aebb6304ad1264b1761c6b280d1
e0a1045df50b87dc7c5e162df3df0729722efa7328e446ec99a92563b8118cda
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e14dc90e5582d766f79351d3148aa520cf90eece088178a12e9d163fc3926344
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e61688b09616d55d4d92f4449f07074c474cd0849c8eb80f07e079d8245a04c5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

videoriproduzione.mex.tl Open in urlscan Pro 207.182.141.170 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

56 Requests

84 %HTTPS

85 %IPv6

9 Domains

14 Subdomains

14 IPs

3 Countries

962 kBTransfer

2198 kBSize

3 Cookies

0 Outgoing links

Redirected requests

56 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

videoriproduzione.mex.tl Open in urlscan Pro
207.182.141.170 Public Scan

Screenshot
Live screenshot

Full Image

56
Requests

84 %
HTTPS

85 %
IPv6

9
Domains

14
Subdomains

14
IPs

3
Countries

962 kB
Transfer

2198 kB
Size

3
Cookies

56 HTTP transactions
1 data transactions