wincdemu.sysprogs.org Open in urlscan Pro
2600:3c01::f03c:92ff:fe79:73db Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sysprogs.org/
Effective URL:
https://wincdemu.sysprogs.org/
Submission Tags: tranco_l324
Submission: On March 05 via api (March 5th 2024, 5:39:28 am UTC) from DE — Scanned from DE

Summary HTTP 99 Redirects Links 30 Behaviour Indicators

Summary

This website contacted 19 IPs in 3 countries across 13 domains to perform 99 HTTP transactions. The main IP is 2600:3c01::f03c:92ff:fe79:73db, located in Fremont, United States and belongs to AKAMAI-LINODE-AP Akamai Connected Cloud, SG. The main domain is wincdemu.sysprogs.org.
TLS certificate: Issued by R3 on February 13th 2024. Valid for: 3 months.

This is the only time wincdemu.sysprogs.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
3 10	2600:3c01::f0... 2600:3c01::f03c:92ff:fe79:73db	63949 (AKAMAI-LI...) (AKAMAI-LINODE-AP Akamai Connected Cloud)
3	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f08... 2a03:2880:f084:105:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
13	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2004	15169 (GOOGLE) (GOOGLE)
99	19

10 2600:3c01::f03c:92ff:fe79:73db (Fremont, United States) 3 redirects

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)

sysprogs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
wincdemu.sysprogs.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sysprogs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f084:105:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

static.xx.fbcdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 104 tpc.googlesyndication.com — Cisco Umbrella Rank: 161	672 KB
30	criteo.net static.criteo.net — Cisco Umbrella Rank: 677 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10026 csm.eu.criteo.net — Cisco Umbrella Rank: 9677	789 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 35	121 KB
6	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 9660 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 15045 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10817	109 KB
6	sysprogs.org 3 redirects sysprogs.org wincdemu.sysprogs.org	106 KB
4	gstatic.com fonts.gstatic.com www.gstatic.com	64 KB
4	sysprogs.com sysprogs.com	85 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 29 region1.google-analytics.com — Cisco Umbrella Rank: 2089	21 KB
3	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 30	4 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	fbcdn.net static.xx.fbcdn.net — Cisco Umbrella Rank: 1064	6 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	85 KB
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	8 KB
99	13

	Domain	Requested by
29	pagead2.googlesyndication.com	wincdemu.sysprogs.org pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
14	static.criteo.net	ads.eu.criteo.com
13	imageproxy.eu.criteo.net	ads.eu.criteo.com
9	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	sysprogs.com	wincdemu.sysprogs.org
4	wincdemu.sysprogs.org	1 redirects wincdemu.sysprogs.org
3	www.gstatic.com	wincdemu.sysprogs.org googleads.g.doubleclick.net
3	csm.eu.criteo.net	ads.eu.criteo.com
3	fonts.googleapis.com	wincdemu.sysprogs.org googleads.g.doubleclick.net
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.google-analytics.com	wincdemu.sysprogs.org www.google-analytics.com
2	sysprogs.org	2 redirects
1	www.google.com	tpc.googlesyndication.com
1	region1.google-analytics.com	www.googletagmanager.com
1	static.xx.fbcdn.net	www.facebook.com
1	www.googletagmanager.com	www.google-analytics.com
1	www.facebook.com	wincdemu.sysprogs.org
1	fonts.gstatic.com	fonts.googleapis.com
99	21

This site contains links to these domains. Also see Links.

Domain
sysprogs.com
visualgdb.com
gnutoolchains.com

Subject Issuer	Validity	Valid
sysprogs.com R3	`2024-02-13` - `2024-05-13`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-12-13` - `2024-03-12`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-06` - `2024-05-03`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-17` - `2024-05-17`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-28` - `2024-05-31`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-02-05` - `2024-04-29`	3 months	crt.sh

This page contains 15 frames:

Primary Page: https://wincdemu.sysprogs.org/
Frame ID: 4DBE5A5F4AF823226B4C6AD78280E035
Requests: 19 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FWinCDEmu%2F142851109122625&width=220&colorscheme=light&show_faces=false&border_color&stream=false&header=false&height=62
Frame ID: 7F5F7105BF5B9AAA684012EFFBFBCC2A
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: BD3D0EC8F2F85FD0E550D6BE519987DE
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=3459168948&adk=54771071&adf=2550257800&pi=t.ma~as.3459168948&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163748&bpp=14&bdt=1082&idt=161&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=3799439134924&frm=20&pv=2&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=175
Frame ID: 2DD2AD4A9704761F3C41E9A360AC6752
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=9122365647&adk=3387091555&adf=917691366&pi=t.ma~as.9122365647&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163762&bpp=1&bdt=1096&idt=193&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3799439134924&frm=20&pv=1&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=196
Frame ID: 0F5D07CB887D8AB8B91432BF8C4D1331
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&adk=1812271804&adf=3025194257&lmt=1709617163&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163790&bpp=2&bdt=1123&idt=181&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=3799439134924&frm=20&pv=1&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=189
Frame ID: 4D4E24A37DA6875F864C64CF44CD41E7
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeawCwAO4o8Iu_6MAAabV-7qCU9Y9ugdJBOapA&u=%7CQvhks5wtSuXoiGDcQC52zk2kJdG1czAYCrfvVktrb%2B0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyzkDkBo83W2EfVZ0ywfZl3ZUaEmn3Wl9tzWmwI125JxvZrDdf81Nc-3JMzlp1phxGpNLrlq5dCKylsm9jikAPknECP9ZRD5TJFzgdVJP8MJkzqr0NffxK5ZGhZYAzBhQuly0NceYoExrWDsjo9VJKsnJPxg_XzOlNiN9r8rz6OmNXgkbeMNs8RlehEGnICUHsZ-SEW9efj9ZOhZcgmOiXqosQD53HmzIYR2my-ygt2m9GoEp5nnKWYvwvuGAXfKneFDiEErCpMDAkIYMsVO2xFvX2MvvLOMjH40wZ3FKCDRdPYx7Et14F-hQH_SByB60kXS7sqe6FeJtN_Feji5zoh2lOh_Z8VZ3qN8mZKbT8Stqp7iR1tuRzNNX4ivAJqX2XannQjPmxQm-HHrfCZP7qvygDGB0ZFF-ZGPPtXqGAj0TSGaJetVqnrzhaqCTHsnrmFezguXJjleQjJk64wvgC7Zos5Q_4qhbcN21mnpplTsPFDaBfospwflN38HVfoyCZzNBTGFFKcjd-LWUJo2_aApHV1_hRcKxHJkmDCHXAEFeaZ20O9F8Dwo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCafSFC7DmZY_FO4z97_UP17aasAzJntKxXL3xlPdwwI23ARABIABglfqagqwHggEXY2EtcHViLTM5OTAxNjM1NzQ5Mjk2NDjIAQmpArslBQjVM7I-qAMByAMCqgTaAU_Qq973o_jARfPtANgkagNYDGujgf0FyL9SF10fJh7JYJ9fwLB9-sBBT2hVeuexHe6WxZDma9714B9EbAJ51JDIfGII5KgKMbPCe63EezsQ4u3mAjp31IwYR_xjUHcShNOO4xba3_mb-4fy-2pAfRji0MwfMCkz92V6EJ8MLFhSAteUqpYYNqlqi_Rq1FIN8Oc64fYHl7CL4nP9uKs_ummWSvDQq-NzsVIzfl5Bc_HV3EA6_8X699eGqvEnyPytNRTxfb6bx1TPY0ceBlkqVJspXDERCB34-3SggAbi14akioCbow2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WLnWip603IQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0qm9KT4oynTLW3rOdbo5S4Kwpsaw%26client%3Dca-pub-3990163574929648%26adurl%3D
Frame ID: 54267637801D54D67B733D778F69935D
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js
Frame ID: 6006A8106D89C767DB75C54ED6B5C727
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 884C0C328C9EB088CC4BA5BF9198FBF8
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: A2A10B281213EC1B698AC99130418BDA
Requests: 8 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Frame ID: 4A221535A6C3C0D026D21BDB2A7C95FD
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeawCwAPM3IIu_KUAAD7CWZTRMAmi8uur8c1fw&u=%7CQvhks5wtSuXZNRozWm7Qr3%2F%2F6sjnLe8kMLfj1XoGTZk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUKXAUja0x4EaKAdFf4jpcRp4wrolhc9HcVEaoOkRAt0WT8fjzZATQKQkBiDE_FR7RcqDqM5jCQiTeajt-ctY5BCNu_4kAfGnKBnm0Sg6wh0YIup9rEHr0Nnoq_UvHHtt7zfUVLe3uZ8UJT_muWsl-3LHNcy7mf4-3EI8l4m3_1te3ryoYLOgCnOWnU4h4BgVGB5lox0DPeQi5SJHUCCSQuIrsahEtmNY510hThjG4sAlRvVBdCUH1d3KCqUMdsY3Q4IIrtwqam_78bKwzy7ykiJxCVFm2U_L2zAe8uUf8rESDn0pahI4D1t2byjF0SBf6-c-0_JAJH25Y-w4KdkelVBu2hvW3LKC51Y-ypH3G6ysYWc3JF5iuS6stuJ3_vnuTd0UGdhNjc1m_xu_stDPhd6WOrIkv-xRxVCkMuAUFJQhXI3-srsYIH_0fICcVaJu2w5WQDwYLjvun1kWGENyaMBtIK9qaN5a6MmOzPL6WtGX9ZHLoVDX5DZvVw8n-OmY-aXvFXVeeEWbwhA_fXXs-ptD6zajGJShD-hLPSHRzeQHtJ7nvmkkW6UZL-zpjnyojg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQVwAC7DmZfLmPJTl7_UPifaDiATJntKxXPWdmPdwwI23ARABIABglfqagqwHggEXY2EtcHViLTM5OTAxNjM1NzQ5Mjk2NDjIAQmpAl9oYfDXNLI-qAMByAMCqgTUAU_Qc6L4jIfAHNdAYVbZFhCun28-SRk6eAEQA14Ln317PFht3dsfOpIUHlAnlJOzh0LKX85qLXoxGbSaA2vYOTlciLL55xeAlL8otYNEnAueYzifb8Hr0je8nfyBq68lGOdLK7wwfcScd9_CHmXdNfBB27n4HVG-0i86zzohtbn2GkvfYG7RZscSTIXyqIvW71LrnCHS4ERrlTfRgnzBvU5t4MDgWaM_Ji_4wgTVBS4PVyY56DUuX3eL2BEt-C8lhU_C7od80n3c2KSataHJlhg13G9QgAbi14akioCbow2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggpCJHhgHAQATIH64uA4L-ADToJgECAgICAgJQoSL39wTpY_vuLnrTchAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_126DmvwWPOz6rx1e0wfg7VPEaq3g%26client%3Dca-pub-3990163574929648%26adurl%3D
Frame ID: 20CA9EDFDB27CC2A529D8B1ADCDFBE12
Requests: 19 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js
Frame ID: 943229913128D713B78E853DB2A707B2
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 6CECCE654EF39089C3DBB61117862ED9
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 593EF4CF1782CEEF247B8E2AB40F5E3D
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

WinCDEmu - the easiest way to mount an ISO. And more...

Page URL History Show full URLs

http://sysprogs.org/ HTTP 301
https://sysprogs.org/ HTTP 302
http://wincdemu.sysprogs.org/ HTTP 301
https://wincdemu.sysprogs.org/ Page URL

Detected technologies

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

99
Requests

100 %
HTTPS

94 %
IPv6

13
Domains

21
Subdomains

19
IPs

3
Countries

2071 kB
Transfer

4095 kB
Size

6
Cookies

30 Outgoing links

These are links going to different origins than the main page.

URL: https://sysprogs.com/privacy
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://sysprogs.com/

Search URL Search Domain Scan URL

URL: https://sysprogs.com/products
Title: Products

Search URL Search Domain Scan URL

URL: https://visualgdb.com/
Title: VisualGDB

Search URL Search Domain Scan URL

URL: https://sysprogs.com/VisualKernel
Title: VisualKernel

Search URL Search Domain Scan URL

URL: https://sysprogs.com/analyzer2go
Title: Analyzer2Go

Search URL Search Domain Scan URL

URL: https://sysprogs.com/SmarTTY
Title: SmarTTY

Search URL Search Domain Scan URL

URL: https://gnutoolchains.com/
Title: GNU Toolchains

Search URL Search Domain Scan URL

URL: https://sysprogs.com/winflashtool
Title: WinFlashTool

Search URL Search Domain Scan URL

URL: https://sysprogs.com/legacy/
Title: Legacy Products

Search URL Search Domain Scan URL

URL: https://sysprogs.com/downloads
Title: Downloads

Search URL Search Domain Scan URL

URL: https://visualgdb.com/download
Title: VisualGDB

Search URL Search Domain Scan URL

URL: https://sysprogs.com/VisualKernel/download
Title: VisualKernel

Search URL Search Domain Scan URL

URL: https://sysprogs.com/analyzer2go/download
Title: Analyzer2Go

Search URL Search Domain Scan URL

URL: https://sysprogs.com/SmarTTY/download
Title: SmarTTY

Search URL Search Domain Scan URL

URL: https://gnutoolchains.com/download
Title: GNU Toolchains

Search URL Search Domain Scan URL

URL: https://sysprogs.com/winflashtool/download
Title: WinFlashTool

Search URL Search Domain Scan URL

URL: https://sysprogs.com/tutorials/
Title: Tutorials

Search URL Search Domain Scan URL

URL: https://visualgdb.com/tutorials/
Title: VisualGDB

Search URL Search Domain Scan URL

URL: https://sysprogs.com/VisualKernel/tutorials/
Title: VisualKernel

Search URL Search Domain Scan URL

URL: https://sysprogs.com/analyzer2go/tutorials/
Title: Analyzer2Go

Search URL Search Domain Scan URL

URL: https://sysprogs.com/support
Title: Support

Search URL Search Domain Scan URL

URL: https://sysprogs.com/w/forum
Title: Forum

Search URL Search Domain Scan URL

URL: https://visualgdb.com/documentation/
Title: Documentation

Search URL Search Domain Scan URL

URL: https://sysprogs.com/contact
Title: Contact

Search URL Search Domain Scan URL

URL: https://sysprogs.com/blog
Title: Blog

Search URL Search Domain Scan URL

URL: https://sysprogs.com/about
Title: About Us

Search URL Search Domain Scan URL

URL: http://visualgdb.com/?features=embedded

Search URL Search Domain Scan URL

URL: https://sysprogs.com/disclaimer
Title: Terms of Use

Search URL Search Domain Scan URL

URL: https://sysprogs.com/copyright
Title: Copyright

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sysprogs.org/ HTTP 301
https://sysprogs.org/ HTTP 302
http://wincdemu.sysprogs.org/ HTTP 301
https://wincdemu.sysprogs.org/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

99 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
wincdemu.sysprogs.org/
Redirect Chain

http://sysprogs.org/
https://sysprogs.org/
http://wincdemu.sysprogs.org/
https://wincdemu.sysprogs.org/

16 KB
16 KB

474ms
156ms

Document
text/html

2600:3c01::f03c:92ff:fe79:73db
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://wincdemu.sysprogs.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c01::f03c:92ff:fe79:73db Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache / PHP/7.3.24
Resource Hash: 9bd550ac8dee1f965e3ebf571ea3d2251539969a907b064a7828f7298c040426

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: Keep-Alive
Content-Type: text/html; charset=UTF-8
Date: Tue, 05 Mar 2024 05:39:22 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
X-Powered-By: PHP/7.3.24

Redirect headers

Connection: Keep-Alive
Content-Length: 238
Content-Type: text/html; charset=iso-8859-1
Date: Tue, 05 Mar 2024 05:39:22 GMT
Keep-Alive: timeout=5, max=100
Location: https://wincdemu.sysprogs.org/
Server: Apache

GET
H2 200 css
fonts.googleapis.com/ 16 KB
2 KB 42ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4057a0dd932d74677ea79d1f3cbee9d007f4fd2a16ac42160186fb2243e0585c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 05:39:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 05:06:01 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 05:39:22 GMT

GET
H/1.1 200
OK style.css
sysprogs.com/css/ 35 KB
35 KB 749ms
153ms Stylesheet
text/css 2600:3c01::f03c:92ff:fe79:73db
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://sysprogs.com/css/style.css
Requested by: Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c01::f03c:92ff:fe79:73db Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache /
Resource Hash: c37d357fc579d45164a43cd93af2cfe5154fea3c9a4bff6e899d7a187f33f05a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 05:39:23 GMT
Last-Modified: Sun, 10 May 2020 22:25:29 GMT
Server: Apache
ETag: "8c29-5a552b53072fc"
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 35881

GET
H/1.1 200
OK logo_b&w.png
sysprogs.com/img/ 15 KB
15 KB 749ms
154ms Image
image/png 2600:3c01::f03c:92ff:fe79:73db
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sysprogs.com/img/logo_b&w.png
Requested by: Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c01::f03c:92ff:fe79:73db Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache /
Resource Hash: df7b36c2555c08b60f8591a43ed6c42a0bd9442269d9810b13c8cd3a7be8e9aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 05:39:23 GMT
Last-Modified: Wed, 17 Apr 2019 21:42:41 GMT
Server: Apache
ETag: "3c58-586c0c3d65640"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 15448

GET
H/1.1 200
OK navigation.js Show response
sysprogs.com/ 2 KB
2 KB 617ms
155ms Script
application/javascript 2600:3c01::f03c:92ff:fe79:73db
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to

Full URL: https://sysprogs.com/navigation.js
Requested by: Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c01::f03c:92ff:fe79:73db Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache /
Resource Hash: 5a1a166428749c17f6500cf68460c15d73b06c0a7ef3cc37efdd75898b1b1aa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 05:39:23 GMT
Last-Modified: Wed, 17 Apr 2019 21:42:41 GMT
Server: Apache
ETag: "768-586c0c3d65640"
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 1896

GET
H/1.1 200
OK screen.png
wincdemu.sysprogs.org/ 31 KB
31 KB 156ms
155ms Image
image/png 2600:3c01::f03c:92ff:fe79:73db
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincdemu.sysprogs.org/screen.png
Requested by: Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c01::f03c:92ff:fe79:73db Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache /
Resource Hash: e8d71b3e91a0848bd5de68947291a7aa6c5bd794a9724dfe88ab1af648a92e1d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 05:39:22 GMT
Last-Modified: Fri, 28 Feb 2020 20:25:54 GMT
Server: Apache
ETag: "7a89-59fa8a4f1df64"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 31369

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
50 KB 86ms
52ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

bc71aa09e8a2dae0f34791e0f469458b6e883edb0592fa61dec6e0e763354abe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:22 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51061
x-xss-protection: 0
server: cafe
etag: 15625488441738311352
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Tue, 05 Mar 2024 05:39:22 GMT

GET
H/1.1 200
OK wincdemu-download.png
wincdemu.sysprogs.org/ 58 KB
58 KB 312ms
156ms Image
image/png 2600:3c01::f03c:92ff:fe79:73db
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wincdemu.sysprogs.org/wincdemu-download.png
Requested by: Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c01::f03c:92ff:fe79:73db Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache /
Resource Hash: 3b336227622be70ff5b13a9921656c8620bdd3d2a34a2578ba25f9926219cda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 05:39:23 GMT
Last-Modified: Fri, 28 Feb 2020 20:25:54 GMT
Server: Apache
ETag: "e82c-59fa8a4f248dc"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=98
Content-Length: 59436

GET
H/1.1 200
OK visualgdb_full.png
sysprogs.com/ 32 KB
32 KB 611ms
155ms Image
image/png 2600:3c01::f03c:92ff:fe79:73db
AKAMAI-LINODE-AP ...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sysprogs.com/visualgdb_full.png
Requested by: Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:3c01::f03c:92ff:fe79:73db Fremont, United States, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
Software: Apache /
Resource Hash: 140299fc91d8470cb9788bf2403e6bb237dc53c40b8b9b1eda482079da8c770e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Date: Tue, 05 Mar 2024 05:39:23 GMT
Last-Modified: Sat, 01 Feb 2020 16:35:12 GMT
Server: Apache
ETag: "7f85-59d864636faed"
Content-Type: image/png
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 32645

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v40/ 47 KB
48 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v40/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,300,600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://wincdemu.sysprogs.org
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Wed, 28 Feb 2024 04:08:42 GMT
x-content-type-options: nosniff
age: 523841
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48236
x-xss-protection: 0
last-modified: Thu, 14 Dec 2023 02:08:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 27 Feb 2025 04:08:42 GMT

GET
H2 200 likebox.php Show response
www.facebook.com/plugins/ Frame 7F5F 13 KB
8 KB 160ms
138ms Document
text/html 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FWinCDEmu%2F142851109122625&width=220&colorscheme=light&show_faces=false&border_color&stream=false&header=false&height=62

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2028952113cd4aa14f1fac8da44499af3cfb6fc55b492b6dbaec50ce69c15a2d

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com .tenor.co .tenor.com .giphy.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data: .tenor.co .tenor.com https://.giphy.com;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: private, no-cache, no-store, must-revalidate
content-encoding: br
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' blob: data: 'self' connect.facebook.net 'unsafe-eval';style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com *.tenor.co *.tenor.com *.giphy.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data: *.tenor.co *.tenor.com https://*.giphy.com;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com/ https://sandbox.paywithmybank.com/;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: unsafe-none;report-to="coop_report"
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 05:39:23 GMT
document-policy: force-load-at-top
expires: Sat, 01 Jan 2000 00:00:00 GMT
origin-agent-cluster: ?0
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(self), ch-device-memory=(), clipboard-read=(self), clipboard-write=(self), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
permissions-policy-report-only: clipboard-write=();report-to="permissions_policy"
pragma: no-cache
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
strict-transport-security: max-age=15552000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-fb-debug: nuXfNwCeMfz+XID2piiLDyh1FdHOgy6YgSRag3cT42x4DIRVSBFqkMRjSBrq6krd1XknhxLY2nQ6Q/oTp+2GEA==
x-xss-protection: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 05 Mar 2024 03:48:08 GMT
last-modified: Tue, 12 Dec 2023 18:09:08 GMT
server: Golfe2
age: 6675
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Tue, 05 Mar 2024 05:48:08 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 407 KB
138 KB 65ms
64ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3990163574929648&plah=wincdemu.sysprogs.org&aplac=true

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

422682828acc51aba3642cf071d41cad58d06f20232821db4038d92a8c7d4f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140927
x-xss-protection: 0
server: cafe
etag: 11479777644093350065
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 05:39:23 GMT

GET
H2 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/ Frame BD3D 9 KB
4 KB 28ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20190131/zrt_lookup_nohtml_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 29868
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 21:21:35 GMT
etag: 5035419970550746386
expires: Mon, 18 Mar 2024 21:21:35 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 15 B
225 B 14ms
14ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1931133157&t=pageview&_s=1&dl=https%3A%2F%2Fwincdemu.sysprogs.org%2F&ul=en-us&de=UTF-8&dt=WinCDEmu%20-%20the%20easiest%20way%20to%20mount%20an%20ISO.%20And%20more...&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAACAAI~&jid=1617863771&gjid=562029412&cid=851503654.1709617164&tid=UA-33041468-4&_gid=852019710.1709617164&_r=1&_slc=1&z=1891412077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5c4b467f0549b6c7941ae4e2bd34ec04c30775723314738f2f6b15b6642e278a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://wincdemu.sysprogs.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 05:39:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincdemu.sysprogs.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 238 KB
85 KB 46ms
24ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-85DKDNMP97&cx=c&_slc=1

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95c4d1267ba519e8f537083d28e9292fc3619f6bfa7e66080159b45ed5d021e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:23 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 86646
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 05 Mar 2024 05:39:23 GMT

GET
H2 200 oCh4fJriDK8.css
static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/ Frame 7F5F 20 KB
6 KB 54ms
10ms Stylesheet
text/css 2a03:2880:f084:105:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://static.xx.fbcdn.net/rsrc.php/v3/yC/l/0,cross/oCh4fJriDK8.css?_nc_x=Ij3Wp8lg5Kz

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/likebox.php?href=http%3A%2F%2Fwww.facebook.com%2Fpages%2FWinCDEmu%2F142851109122625&width=220&colorscheme=light&show_faces=false&border_color&stream=false&header=false&height=62

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:105:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

61f0b9d180766a325d407379dfb471948a18f36a6a8b2184f5fc7c351b0b2202

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/
Origin: https://www.facebook.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

permissions-policy-report-only: clipboard-read=(), clipboard-write=(), picture-in-picture=();report-to="permissions_policy"
date: Tue, 05 Mar 2024 05:39:23 GMT
content-encoding: br
x-content-type-options: nosniff
content-md5: KlSVpDp/+1fEecEIRyxaRg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5241
reporting-endpoints: permissions_policy="https://www.xx.facebook.com/ajax/browser_error_reports/"
x-fb-debug: vACTKC4lNSdo2eQq42SVXv5nXDaZddOtUwkCswH1mJXsM/Xa90kBXYt7k4qybWGjDXXd6ePCg3+kiP/IuqJFuQ==
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
vary: Origin
report-to: {"max_age":21600,"endpoints":[{"url":"https:\/\/www.xx.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: text/css; charset=utf-8
access-control-allow-origin: https://www.facebook.com
origin-agent-cluster: ?0
cache-control: public,max-age=31536000,immutable
permissions-policy: accelerometer=(), ambient-light-sensor=(), autoplay=(), bluetooth=(), camera=(), ch-device-memory=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Wed, 05 Mar 2025 04:26:39 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 2DD2 98 KB
37 KB 1065ms
1064ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=3459168948&adk=54771071&adf=2550257800&pi=t.ma~as.3459168948&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163748&bpp=14&bdt=1082&idt=161&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=3799439134924&frm=20&pv=2&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=175

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3990163574929648&plah=wincdemu.sysprogs.org&aplac=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f36fa919071e768761cef124106d346096a788590c1807f03dc9ab43ab09916b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 37297
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 05:39:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
258 B 36ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-85DKDNMP97&gtm=45je42t1v9109844100za200&_p=1709617163836&gcd=13l3l3l3l2&npa=0&dma_cps=sypham&dma=1&ul=en-us&sr=1600x1200&cid=851503654.1709617164&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwincdemu.sysprogs.org%2F&dt=WinCDEmu%20-%20the%20easiest%20way%20to%20mount%20an%20ISO.%20And%20more...&sid=1709617163&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1&tfd=3241
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-85DKDNMP97&cx=c&_slc=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 05:39:23 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://wincdemu.sysprogs.org
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0F5D 35 KB
14 KB 387ms
387ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=9122365647&adk=3387091555&adf=917691366&pi=t.ma~as.9122365647&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163762&bpp=1&bdt=1096&idt=193&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3799439134924&frm=20&pv=1&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=196

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b585c85e95dc9bd77ee8f10b3bd6145b48a42534e9284eb9efbba5097824c2f4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 14179
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 05:39:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4D4E 234 KB
58 KB 1121ms
1120ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&adk=1812271804&adf=3025194257&lmt=1709617163&plat=3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&pra=7&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163790&bpp=2&bdt=1123&idt=181&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280%2C1200x280&nras=1&correlator=3799439134924&frm=20&pv=1&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&fsb=1&dtd=189

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca5c35bfc7331c2609bd9ac5cd8f9cd852eaa5b7de7311b431b72875213c9dce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding: br
content-length: 59579
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 05:39:25 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 0F5D 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=9122365647&adk=3387091555&adf=917691366&pi=t.ma~as.9122365647&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163762&bpp=1&bdt=1096&idt=193&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3799439134924&frm=20&pv=1&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=196

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 23:25:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 0F5D 20 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 18:01:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 0F5D 207 KB
63 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 854
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 06:25:10 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5426 157 KB
53 KB 114ms
61ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeawCwAO4o8Iu_6MAAabV-7qCU9Y9ugdJBOapA&u=%7CQvhks5wtSuXoiGDcQC52zk2kJdG1czAYCrfvVktrb%2B0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyzkDkBo83W2EfVZ0ywfZl3ZUaEmn3Wl9tzWmwI125JxvZrDdf81Nc-3JMzlp1phxGpNLrlq5dCKylsm9jikAPknECP9ZRD5TJFzgdVJP8MJkzqr0NffxK5ZGhZYAzBhQuly0NceYoExrWDsjo9VJKsnJPxg_XzOlNiN9r8rz6OmNXgkbeMNs8RlehEGnICUHsZ-SEW9efj9ZOhZcgmOiXqosQD53HmzIYR2my-ygt2m9GoEp5nnKWYvwvuGAXfKneFDiEErCpMDAkIYMsVO2xFvX2MvvLOMjH40wZ3FKCDRdPYx7Et14F-hQH_SByB60kXS7sqe6FeJtN_Feji5zoh2lOh_Z8VZ3qN8mZKbT8Stqp7iR1tuRzNNX4ivAJqX2XannQjPmxQm-HHrfCZP7qvygDGB0ZFF-ZGPPtXqGAj0TSGaJetVqnrzhaqCTHsnrmFezguXJjleQjJk64wvgC7Zos5Q_4qhbcN21mnpplTsPFDaBfospwflN38HVfoyCZzNBTGFFKcjd-LWUJo2_aApHV1_hRcKxHJkmDCHXAEFeaZ20O9F8Dwo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCafSFC7DmZY_FO4z97_UP17aasAzJntKxXL3xlPdwwI23ARABIABglfqagqwHggEXY2EtcHViLTM5OTAxNjM1NzQ5Mjk2NDjIAQmpArslBQjVM7I-qAMByAMCqgTaAU_Qq973o_jARfPtANgkagNYDGujgf0FyL9SF10fJh7JYJ9fwLB9-sBBT2hVeuexHe6WxZDma9714B9EbAJ51JDIfGII5KgKMbPCe63EezsQ4u3mAjp31IwYR_xjUHcShNOO4xba3_mb-4fy-2pAfRji0MwfMCkz92V6EJ8MLFhSAteUqpYYNqlqi_Rq1FIN8Oc64fYHl7CL4nP9uKs_ummWSvDQq-NzsVIzfl5Bc_HV3EA6_8X699eGqvEnyPytNRTxfb6bx1TPY0ceBlkqVJspXDERCB34-3SggAbi14akioCbow2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WLnWip603IQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0qm9KT4oynTLW3rOdbo5S4Kwpsaw%26client%3Dca-pub-3990163574929648%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d3e4c390667ad633e229c5e25a0a3a871a02c4801f11a359a7af6bbc54a8a9e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 05:39:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=4lZ-PnkqeSJvjMdJLz-QNgKBtGjuPQKhS8hygMeBp-PcIKbEqZ6bkjSOBoUhMNrbb6PZbWyE8xph7cYIxkW4tsx6g8JcHnAF_deCj0ZgMAIwU7W0a2q2DPrCTHM-7nNneQiEfTIMLbu463rwxCoePRgGzzVJYDGwmyd-_LBCNePmHRShskVuYLHnsotY-Z0aOfV7rViW_eXsvK4usbLk7Bjh3R5i8mPfpNrrH0NKlZ6V2hpO07i9vYaIlmvjiMnW6hUyMA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 43704510
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 0F5D 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 854fcb8d308ff2d975a2efc0824016e3966248fd41b23c91e8c47ec5913ba99e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 0F5D 0
19 B 49ms
49ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CHG1LC7DmZY_FO4z97_UP17aasAzJntKxXL3xlPdwwI23ARABIABglfqagqwHggEXY2EtcHViLTM5OTAxNjM1NzQ5Mjk2NDjIAQmpArslBQjVM7I-qAMByAMCqgTXAU_Qq973o_jARfPtANgkagNYDGujgf0FyL9SF10fJh7JYJ9fwLB9-sBBT2hVeuexHe6WxZDma9714B9EbAJ51JDIfGII5KgKMbPCe63EezsQ4u3mAjp31IwYR_xjUHcShNOO4xba3_mb-4fy-2pAfRji0MwfMCkz92V6EJ8MLFhSAteUqpYYNqlqi_Rq1FIN8Oc64fYHl7CL4nP9uKs_ummWSvDQq-NzsVIzfl5Bc_HV3AI43ld6ZAe7DCEAEnCN3LD_WrQtzXrX4fPWO__Y64UFRKnbnD0RgAbi14akioCbow2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WLnWip603IQDgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTM5OTAxNjM1NzQ5Mjk2NDgYAA&sigh=ZHzYOS3kPvY&uach_m=%5BUACH%5D&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=9122365647&adk=3387091555&adf=917691366&pi=t.ma~as.9122365647&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163762&bpp=1&bdt=1096&idt=193&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3799439134924&frm=20&pv=1&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=196
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Mar 2024 05:39:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 0F5D 0
126 B 57ms
13ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=mvzSGcz6RLAJmAKdg2ICAgAAACQUNfsoOXz1nSpk5BAMsOZl9KJwdB2gLJvsVQAAEgAACgpBUVVCQVFFQkFR5BfrFkdOAYjbpXdv5eh0uw&wp=ZeawCwAO4o8Iu_6MAAabV-7qCU9Y9ugdJBOapA&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:23 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 140522
server: Kestrel
content-length: 0

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5426 2 KB
1 KB 40ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeawCwAO4o8Iu_6MAAabV-7qCU9Y9ugdJBOapA&u=%7CQvhks5wtSuXoiGDcQC52zk2kJdG1czAYCrfvVktrb%2B0%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpMoZ3wmmJmKyzkDkBo83W2EfVZ0ywfZl3ZUaEmn3Wl9tzWmwI125JxvZrDdf81Nc-3JMzlp1phxGpNLrlq5dCKylsm9jikAPknECP9ZRD5TJFzgdVJP8MJkzqr0NffxK5ZGhZYAzBhQuly0NceYoExrWDsjo9VJKsnJPxg_XzOlNiN9r8rz6OmNXgkbeMNs8RlehEGnICUHsZ-SEW9efj9ZOhZcgmOiXqosQD53HmzIYR2my-ygt2m9GoEp5nnKWYvwvuGAXfKneFDiEErCpMDAkIYMsVO2xFvX2MvvLOMjH40wZ3FKCDRdPYx7Et14F-hQH_SByB60kXS7sqe6FeJtN_Feji5zoh2lOh_Z8VZ3qN8mZKbT8Stqp7iR1tuRzNNX4ivAJqX2XannQjPmxQm-HHrfCZP7qvygDGB0ZFF-ZGPPtXqGAj0TSGaJetVqnrzhaqCTHsnrmFezguXJjleQjJk64wvgC7Zos5Q_4qhbcN21mnpplTsPFDaBfospwflN38HVfoyCZzNBTGFFKcjd-LWUJo2_aApHV1_hRcKxHJkmDCHXAEFeaZ20O9F8Dwo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCafSFC7DmZY_FO4z97_UP17aasAzJntKxXL3xlPdwwI23ARABIABglfqagqwHggEXY2EtcHViLTM5OTAxNjM1NzQ5Mjk2NDjIAQmpArslBQjVM7I-qAMByAMCqgTaAU_Qq973o_jARfPtANgkagNYDGujgf0FyL9SF10fJh7JYJ9fwLB9-sBBT2hVeuexHe6WxZDma9714B9EbAJ51JDIfGII5KgKMbPCe63EezsQ4u3mAjp31IwYR_xjUHcShNOO4xba3_mb-4fy-2pAfRji0MwfMCkz92V6EJ8MLFhSAteUqpYYNqlqi_Rq1FIN8Oc64fYHl7CL4nP9uKs_ummWSvDQq-NzsVIzfl5Bc_HV3EA6_8X699eGqvEnyPytNRTxfb6bx1TPY0ceBlkqVJspXDERCB34-3SggAbi14akioCbow2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggnCJHhgHAQATIF64uAgCA6CYBAgICAgICUKEi9_cE6WLnWip603IQD-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0qm9KT4oynTLW3rOdbo5S4Kwpsaw%26client%3Dca-pub-3990163574929648%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:24 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5426 2 KB
1 KB 41ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5426 308 B
636 B 40ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 28 Feb 2025 05:39:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5426 293 B
621 B 40ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 28 Feb 2025 05:39:24 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5426 43 B
348 B 238ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=mckxPzdsp10CpMyrZ_Q4usk7dvG3Cumu3S3Vqr_qtk29f91-I2pcsGywc2Zqs2SzxquH5fH5OsPKSBgl_Ol9MgA076ISlCt_spV8DE2a2wwYr3SBo72lu9Ab2AUeTtGEbXDAOT0ag1RH6tCRqvF5fY4AiAVaqbbIZ5IuhPC3QYaxoXha6QXQcRzRiEU3A5lm6JoggYOJ4Zm1FFO-QuS-xSgtJ4kjHZgxx_DnJKZYO-FvUTYw_UDGz4WVSWmGa2mMTAkF6PZdJ3sny3oovUnNlwRS8Is8kaEt9nCKL95XqI_EFBl7tJh0I_LlXFAbe2tDhwxY-pox3FpsG-ICytRxEbYg8Qx433h9bJFqvmzi-qwVRySHvUvNAKwz6fYJiYfeMcVEtb8Gt6Bf2HvPQAVJ-mzJebsznR-ShQNebLgTRFmhUFAF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 05:39:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2060852
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5426 12 KB
6 KB 32ms
23ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5426 3 KB
4 KB 207ms
13ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=556&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F50716%2F5267080%2Fd40bba63cf07408797e7bc7b509f2af1_js_logo_800x1200px_blue.jpg&v=3&w=196&rid=4&s=e9xu2qCZ9gky2k8dG_lkQ4Qe

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f7334f1e536b9d3ada5c6a84af70f68e01fb4e42969931e957a6333ea981d9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3476
expires: Tue, 25 Feb 2025 00:59:35 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5426 204 KB
205 KB 239ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F50716%2F5267080%2F2164c4624cfb40c8a0fe018e4fb1fe02_paid_criteo_ongoing_winter2024_baumhaus_1200x628.jpg&v=3&w=1200&rid=4&s=drrP4UtFNjFqsf2G4RP9J8Pn

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

92e239018f70f88c4c66044cc2e21c053e2d3067b3aaf15992b8b39d1b38eb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 209314
expires: Sat, 25 Jan 2025 12:22:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5426 69 KB
69 KB 238ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FRc7LasMwEIXhVymzjqQWGlL8KlUxijSO7ciWmAsCG797nW66Obuf7-zAFKGDUaRy5513rTU7lzjiajiODacNySb0rlJJGsUMiMk77j-_brd3O9fH23-8hGm1LEGmaGdeknlQ0WpjWbwLzCjs3YqtTzgEzdJrzSWk_q7xiXLamPOKzOaptCnloHczKJLZzh_mDzQfLxIuMGSB7nsHQuh2iFQqdNcLnCukeBw_xy8.jpg&v=3&w=800&rid=4&s=XBWCnpph17Cdes_gMuWFas9y&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

89ffe0c0d6f7cd37f600facbcd2f09f40d8f053ffed82144b34ceec97f777de8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 70624
expires: Tue, 25 Feb 2025 07:17:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5426 75 KB
75 KB 232ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FRcxNDsIgEEDhq5hZF0gTXchVxDQUpn_SQpghJDa9u9WNm7d73w6UHWiYmBNpo4yqtcolugk3QW6qOL8xS49GpRx9cSwGRG8UdW3b3q9ySePlP6923iSx5dnJhVYvxhxLki6uRlkiZDKq8zjYErgrKUTru764F_IpskXPWHKwpRc_XbRfHxoYAoN-7JAR9A4uxwT61sBZzgWP43l8AA.jpg&v=3&w=800&rid=4&s=Whb7UvHwdwJb1-yZR5hNFoDX&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

256c715d8bf41fc2ca23c1223ff968b2abd64978cf780302aea2cbf12ea1aeed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 76804
expires: Sun, 23 Feb 2025 19:16:37 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5426 46 KB
46 KB 217ms
23ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=50716&q=80&r=0&u=https%3A%2F%2Fgfx.productsup.io%2Fimg%2Fsite%2F519344%2Fdata%2FRY5BCsIwEEWvIrM2CRWkkKsYKTGZ2Na2iTMTCpbe3bpy8xcPHu9vwBTAQi9S2DrjzLquesyhx0Vx6FccPkg6ojOFcqxBVEKMznDXXNpWj-V5-ruzHxbN4mUIeuQ5qiflWnTIszOeGYWd6SImXyfpapmyj92jhheKM-_qo8op0QFV8j0dB34J1fwicIY0CdjbBoRgNwiUC9jrGY4Vqrjv9_0L.jpg&v=3&w=800&rid=4&s=GXrfVHmnxtFM3C5WpJTK5gLF&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

282c4bdc25545872e76681ae141a5c55e8ff9bf5e375882688188849312b7fd7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 47286
expires: Sat, 25 Jan 2025 12:22:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5426 0
128 B 206ms
12ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=4lZ-PnkqeSJvjMdJLz-QNgKBtGjuPQKhS8hygMeBp-PcIKbEqZ6bkjSOBoUhMNrbb6PZbWyE8xph7cYIxkW4tsx6g8JcHnAF_deCj0ZgMAIwU7W0a2q2DPrCTHM-7nNneQiEfTIMLbu463rwxCoePRgGzzVJYDGwmyd-_LBCNePmHRShskVuYLHnsotY-Z0aOfV7rViW_eXsvK4usbLk7Bjh3R5i8mPfpNrrH0NKlZ6V2hpO07i9vYaIlmvjiMnW6hUyMA&sds=2&rev=90888.4&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5426 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5426 2 KB
1 KB 16ms
16ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:24 GMT

GET
H2 200 12449334395069087038
tpc.googlesyndication.com/simgad/ Frame 2DD2 14 KB
14 KB 60ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12449334395069087038?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qncTmRFhBE9vxXN2SslzOX_95KMgg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=3459168948&adk=54771071&adf=2550257800&pi=t.ma~as.3459168948&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163748&bpp=14&bdt=1082&idt=161&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=3799439134924&frm=20&pv=2&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=175

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

533bbec9eb2cd0a902e28b6b5dc3a29eab1cedcd36854175bc86d1549df8892c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 27 Feb 2024 08:52:41 GMT
x-content-type-options: nosniff
age: 593204
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 13853
x-xss-protection: 0
last-modified: Sun, 28 Jan 2024 13:35:58 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 26 Feb 2025 08:52:41 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 2DD2 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22454
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 23:25:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 2DD2 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 23:25:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 2DD2 20 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41872
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 18:01:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 2DD2 207 KB
63 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 06:25:10 GMT

GET
H3 200 one_click_handler_one_afma_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 2DD2 36 KB
14 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/one_click_handler_one_afma_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:11:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16086
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14561
x-xss-protection: 0
server: cafe
etag: 9133869656772815932
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 01:11:19 GMT

GET
DATA 200
OK truncated
/ Frame 2DD2 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cecbcfc3730fea775178c8e8c4dc1f9b3d5788affcad29ee9d2f716eb818148d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 2DD2 0
0 46ms
46ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CWwwKC7DmZe3SOa2s9u8PmPGu0AmX76ufdorvi-PKErmK77HUCBABINCix3tglfqagqwHoAHv2sjXAcgBAqkCNTb3W7u0qD6oAwHIA8kEqgTZAU_QNbqDKWEaJawdN20-zzC33apkTpi2I7B_uTVA6jIJLFCSkeIok_Tpj9ulFd07W4JWCap2xXf4ZqMR021x5wZjE5nXx2SUqdxs-pWvv9mP0aoYR_DbqKWe3VtXOXmZNJnsiFDJaAJiTIuGXfRCJp8saiazD6GOhkZHIaYgNGxgkgpDD7G7vPyiYzjfkhtOYjrqkjDe5YXeegVAtGcjIjCS76kQ1ta-1_gHRaZYiaHHUzZ-WGN-jdNykzIq9l1a0vzYKV7w_WQrYBeh4aE_juuhRgC_aR_Fu0_ABK3hrKO_BIgFlsKv8UySBQQIBBgBkgUECAUYBKAGAoAH-aS3qAKoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAevvrECqAfVyRuoB6a-G9gHAfIHBBDG1wvSCCsIkeGAcBABGB8yB-uLgOC_gA06CYBAgICAgICUKEi9_cE6WOjhiJ603IQDmglpaHR0cHM6Ly9pbnN0YWxsYXBwcy5jb20vcmVnaXN0ZXItbm93Lz9jYW1wYWlnbmlkPTIwNjM4ODUxMzUwJnBsYWNlbWVudD13aW5jZGVtdS5zeXNwcm9ncy5vcmcmZGV2aWNlbW9kZWw9gAoByAsB2BML0BUBmBYBgBcBshccChoIABIUcHViLTM5OTAxNjM1NzQ5Mjk2NDgYAA&sigh=dq9D0JF_X8w&uach_m=%5BUACH%5D&ase=2&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=3459168948&adk=54771071&adf=2550257800&pi=t.ma~as.3459168948&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163748&bpp=14&bdt=1082&idt=161&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&correlator=3799439134924&frm=20&pv=2&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=413&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=175
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Mar 2024 05:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js Show response
pagead2.googlesyndication.com/bg/ Frame 6006 51 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20184
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:52:53 GMT

GET
H3 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/ 166 KB
56 KB 50ms
49ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402270101/reactive_library_fy2021.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fff1e6e6e51664f324fa9d4f2009b4fb79789d88adfd37bb202b8c13a45a07ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57342
x-xss-protection: 0
server: cafe
etag: 12722121721240855931
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 05:39:25 GMT

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame 884C 9 KB
4 KB 7ms
7ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 20:36:47 GMT
etag: 5035419970550746386
expires: Mon, 18 Mar 2024 20:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 zrt_lookup_nohtml_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/ Frame A2A1 9 KB
4 KB 7ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 32558
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4155
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 20:36:47 GMT
etag: 5035419970550746386
expires: Mon, 18 Mar 2024 20:36:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 884C 5 KB
790 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 05:36:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 05:39:25 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4A22 6 KB
801 B 17ms
17ms Stylesheet
text/css 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Tue, 05 Mar 2024 05:35:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 05 Mar 2024 05:39:25 GMT

GET
H3 200 load_preloaded_resource_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 4A22 2 KB
822 B 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:01:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41859
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 18:01:46 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/ Frame 4A22 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/abg_lite_fy2021.js

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8947
x-xss-protection: 0
server: cafe
etag: 12299188824252842506
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 23:25:10 GMT

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 4A22 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 23:25:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame 4A22 20 KB
8 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 18:01:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 4A22 207 KB
63 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 06:25:10 GMT

GET
H2 200 eea50308dcf9de2b0c0fe89d3b5a5e83.js Show response
www.gstatic.com/mysidia/ Frame 4A22 36 KB
15 KB 30ms
6ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 04:05:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92047
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15206
x-xss-protection: 0
last-modified: Wed, 28 Feb 2024 00:55:57 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Sun, 02 Jun 2024 04:05:18 GMT

GET
H3 200 fullscreen_api_adapter_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 884C 15 KB
6 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/fullscreen_api_adapter_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:51:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 20905
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6454
x-xss-protection: 0
server: cafe
etag: 7487576354850247333
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 23:51:00 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 884C 205 B
295 B 29ms
9ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 19:32:20 GMT
x-content-type-options: nosniff
age: 36425
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 205
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Mar 2025 19:32:20 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 884C 604 B
919 B 28ms
8ms Image
image/png 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 17:35:53 GMT
x-content-type-options: nosniff
age: 43412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 604
x-xss-protection: 0
last-modified: Thu, 20 Jul 2023 22:48:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 04 Mar 2025 17:35:53 GMT

GET
H3 200 interstitial_ad_frame_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/ Frame 884C 22 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/elements/html/interstitial_ad_frame_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 01:07:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16338
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9093
x-xss-protection: 0
server: cafe
etag: 981128176822753981
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 19 Mar 2024 01:07:07 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 20CA 165 KB
55 KB 67ms
63ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeawCwAPM3IIu_KUAAD7CWZTRMAmi8uur8c1fw&u=%7CQvhks5wtSuXZNRozWm7Qr3%2F%2F6sjnLe8kMLfj1XoGTZk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUKXAUja0x4EaKAdFf4jpcRp4wrolhc9HcVEaoOkRAt0WT8fjzZATQKQkBiDE_FR7RcqDqM5jCQiTeajt-ctY5BCNu_4kAfGnKBnm0Sg6wh0YIup9rEHr0Nnoq_UvHHtt7zfUVLe3uZ8UJT_muWsl-3LHNcy7mf4-3EI8l4m3_1te3ryoYLOgCnOWnU4h4BgVGB5lox0DPeQi5SJHUCCSQuIrsahEtmNY510hThjG4sAlRvVBdCUH1d3KCqUMdsY3Q4IIrtwqam_78bKwzy7ykiJxCVFm2U_L2zAe8uUf8rESDn0pahI4D1t2byjF0SBf6-c-0_JAJH25Y-w4KdkelVBu2hvW3LKC51Y-ypH3G6ysYWc3JF5iuS6stuJ3_vnuTd0UGdhNjc1m_xu_stDPhd6WOrIkv-xRxVCkMuAUFJQhXI3-srsYIH_0fICcVaJu2w5WQDwYLjvun1kWGENyaMBtIK9qaN5a6MmOzPL6WtGX9ZHLoVDX5DZvVw8n-OmY-aXvFXVeeEWbwhA_fXXs-ptD6zajGJShD-hLPSHRzeQHtJ7nvmkkW6UZL-zpjnyojg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQVwAC7DmZfLmPJTl7_UPifaDiATJntKxXPWdmPdwwI23ARABIABglfqagqwHggEXY2EtcHViLTM5OTAxNjM1NzQ5Mjk2NDjIAQmpAl9oYfDXNLI-qAMByAMCqgTUAU_Qc6L4jIfAHNdAYVbZFhCun28-SRk6eAEQA14Ln317PFht3dsfOpIUHlAnlJOzh0LKX85qLXoxGbSaA2vYOTlciLL55xeAlL8otYNEnAueYzifb8Hr0je8nfyBq68lGOdLK7wwfcScd9_CHmXdNfBB27n4HVG-0i86zzohtbn2GkvfYG7RZscSTIXyqIvW71LrnCHS4ERrlTfRgnzBvU5t4MDgWaM_Ji_4wgTVBS4PVyY56DUuX3eL2BEt-C8lhU_C7od80n3c2KSataHJlhg13G9QgAbi14akioCbow2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggpCJHhgHAQATIH64uA4L-ADToJgECAgICAgJQoSL39wTpY_vuLnrTchAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_126DmvwWPOz6rx1e0wfg7VPEaq3g%26client%3Dca-pub-3990163574929648%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f3d697d8459a847ed1f261e14796d14e83fed33be0c7cfeea45daae755ad5dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 05:39:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=6YuG-3kqeSJvjMdJzHL9p7CYwFZScYJo0t2DIS00SQ3v5e7Jcb5sGyg1E_e5FEzt6KNM386GUvvB1A9pwUTcbJSREqXwB-3bkO9ZnesdfhD-z_2II28HG5QS9mtdq2XGV1684vURlZ3TJoXKtUrIirJaDTBmh9Hu0n9qwR5I3HwFIrlW6-bKqMJnwTn_VhjjoX1xa-sgGvmkoKAH_lFAh-P_o_X9DQUlddHRcVN_-ZxJZ16ota96bcqWGvWLELm8fP6fVg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 46913974
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame A2A1 3 KB
1 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22455
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 23:25:10 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/ Frame A2A1 20 KB
8 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20240228/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 18:01:32 GMT
content-encoding: br
x-content-type-options: nosniff
age: 41873
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8211
x-xss-protection: 0
server: cafe
etag: 3968847549730513390
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Mar 2024 18:01:32 GMT

GET
H3 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A2A1 207 KB
63 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 855
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 64050
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=ISO-8859-1
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 05 Mar 2024 06:25:10 GMT

GET
DATA 200
OK truncated
/ Frame A2A1 206 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b18423cfb337dc1fdb9d293aa865d42d74f0406a3f9543d45e28ba5e7adffde

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 20CA 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZeawCwAPM3IIu_KUAAD7CWZTRMAmi8uur8c1fw&u=%7CQvhks5wtSuXZNRozWm7Qr3%2F%2F6sjnLe8kMLfj1XoGTZk%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUKXAUja0x4EaKAdFf4jpcRp4wrolhc9HcVEaoOkRAt0WT8fjzZATQKQkBiDE_FR7RcqDqM5jCQiTeajt-ctY5BCNu_4kAfGnKBnm0Sg6wh0YIup9rEHr0Nnoq_UvHHtt7zfUVLe3uZ8UJT_muWsl-3LHNcy7mf4-3EI8l4m3_1te3ryoYLOgCnOWnU4h4BgVGB5lox0DPeQi5SJHUCCSQuIrsahEtmNY510hThjG4sAlRvVBdCUH1d3KCqUMdsY3Q4IIrtwqam_78bKwzy7ykiJxCVFm2U_L2zAe8uUf8rESDn0pahI4D1t2byjF0SBf6-c-0_JAJH25Y-w4KdkelVBu2hvW3LKC51Y-ypH3G6ysYWc3JF5iuS6stuJ3_vnuTd0UGdhNjc1m_xu_stDPhd6WOrIkv-xRxVCkMuAUFJQhXI3-srsYIH_0fICcVaJu2w5WQDwYLjvun1kWGENyaMBtIK9qaN5a6MmOzPL6WtGX9ZHLoVDX5DZvVw8n-OmY-aXvFXVeeEWbwhA_fXXs-ptD6zajGJShD-hLPSHRzeQHtJ7nvmkkW6UZL-zpjnyojg&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCQVwAC7DmZfLmPJTl7_UPifaDiATJntKxXPWdmPdwwI23ARABIABglfqagqwHggEXY2EtcHViLTM5OTAxNjM1NzQ5Mjk2NDjIAQmpAl9oYfDXNLI-qAMByAMCqgTUAU_Qc6L4jIfAHNdAYVbZFhCun28-SRk6eAEQA14Ln317PFht3dsfOpIUHlAnlJOzh0LKX85qLXoxGbSaA2vYOTlciLL55xeAlL8otYNEnAueYzifb8Hr0je8nfyBq68lGOdLK7wwfcScd9_CHmXdNfBB27n4HVG-0i86zzohtbn2GkvfYG7RZscSTIXyqIvW71LrnCHS4ERrlTfRgnzBvU5t4MDgWaM_Ji_4wgTVBS4PVyY56DUuX3eL2BEt-C8lhU_C7od80n3c2KSataHJlhg13G9QgAbi14akioCbow2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggpCJHhgHAQATIH64uA4L-ADToJgECAgICAgJQoSL39wTpY_vuLnrTchAP6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_126DmvwWPOz6rx1e0wfg7VPEaq3g%26client%3Dca-pub-3990163574929648%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:25 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 20CA 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:25 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 20CA 308 B
636 B 15ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Fri, 28 Feb 2025 05:39:25 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 20CA 293 B
621 B 13ms
12ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Fri, 28 Feb 2025 05:39:25 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 20CA 43 B
347 B 14ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=c1-gwdPWW2tCE1QRxUAXOOMKxsz5lOjrtNr55qjZXQQfqIIHzwqbMLoLHvJpRphomIzZ3syfqnX7SiOiCO_zywHauRX9N7R__BjBmEPJRfBYl2WhnEjrtvS-0Hqklg9bxwQUQF0ZRlfimoSlM-qbLsnHOZO2puVu8puCt-oZBN-5W0OHyCBwjUPebOQkrQK0OmSTrcvmTJSCtLY6m3AGMw5FqA2P6Kbiaa-dLZ6froul3nTqyij9f_5KT6Js4wgjEslRwNdGdraYseTIBJpCffblLKK0HsZnjaMVBXWTTIggOqAQsPWNGcPJCtgssI2va-NW8ekt3UjgGTO0ytHRBtKsQJ9Wi6XqkwuHqTleLkfw6M2lFQBGXoWF5Bi4ZUinkxvgjkTY8Pn5lxnTfp-6V3azwPXQDcXAWTYBVolxk2ZpQ6bc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 05:39:25 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1705207
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 20CA 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:25 GMT

GET
H2 200 000WJillVJQcV9F7w1KzkhCQRNtnIxeu7FN4ybxEyq4q4SuQnKX7r1yf2j3iFL5M9Pxwc5c7p4xxBmsbrzJo3pR1AjsyX7MSqTnPRiV51lGyZxv61abpcQRfqNroCmSfZjRd28xfHHRtubmFz4UBLYySnimTvFCELvBEpPFaQq5Yuq4dMJAkdqt9BqGsgbE2wvzmr...
imageproxy.eu.criteo.net/v1/ Frame 20CA 3 KB
3 KB 15ms
13ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000WJillVJQcV9F7w1KzkhCQRNtnIxeu7FN4ybxEyq4q4SuQnKX7r1yf2j3iFL5M9Pxwc5c7p4xxBmsbrzJo3pR1AjsyX7MSqTnPRiV51lGyZxv61abpcQRfqNroCmSfZjRd28xfHHRtubmFz4UBLYySnimTvFCELvBEpPFaQq5Yuq4dMJAkdqt9BqGsgbE2wvzmrXGUrPigcz2TjXQzA2sZHfVZi3hjh41lI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

1e4fca317c98d32629a90602a4c1d53d368509b49fbc9932324c6fdd2c6a16d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 2796
expires: Tue, 25 Feb 2025 00:59:35 GMT

GET
H2 200 000OXpkDEksMgC2WK3dY9cOkrpA3RsWWevdRXcdqliYnXoE14Botuf9MBPevSK9AGZg4Dpuf2Dk3SXn8xhN58z8oz20XRWHh86B4lr8gSq2dggkaQaJWD8y1HIyMU2Hhsw7YXjI743cePt8zxbfWtasBXXhcNuUgzmWnobuMyloa9dXUa61q8w1eeCKUqukIr1WpJ...
imageproxy.eu.criteo.net/v1/ Frame 20CA 204 KB
205 KB 20ms
18ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000OXpkDEksMgC2WK3dY9cOkrpA3RsWWevdRXcdqliYnXoE14Botuf9MBPevSK9AGZg4Dpuf2Dk3SXn8xhN58z8oz20XRWHh86B4lr8gSq2dggkaQaJWD8y1HIyMU2Hhsw7YXjI743cePt8zxbfWtasBXXhcNuUgzmWnobuMyloa9dXUa61q8w1eeCKUqukIr1WpJZeZMfXkcm3lJpI1pOUuqumKEaLbHpLdQMeuaWUtkbKXfZY4zAkJBTV5fwP0DW2POkNl

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

92e239018f70f88c4c66044cc2e21c053e2d3067b3aaf15992b8b39d1b38eb16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 209314
expires: Tue, 25 Feb 2025 07:20:16 GMT

GET
H2 200 000MXehC2nqHj5Q2nAm9RSAa1W9ijFL3HLhCF6XCKIEloPrU4PGeXe4sNqFn0casQ64nqyGq5s6g0RTmO7PI3tRVfzrGQmXwHDNW0tCgpBKJg0190MNNhnT12vnIkbKdwMI91gZi5i9YBDsZqIba9FR84e7FQ7ZDIpRc8EHxcAVlrYRaXZ5SGJpfhnVUZg0Dut4gW...
imageproxy.eu.criteo.net/v1/ Frame 20CA 29 KB
29 KB 19ms
17ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000MXehC2nqHj5Q2nAm9RSAa1W9ijFL3HLhCF6XCKIEloPrU4PGeXe4sNqFn0casQ64nqyGq5s6g0RTmO7PI3tRVfzrGQmXwHDNW0tCgpBKJg0190MNNhnT12vnIkbKdwMI91gZi5i9YBDsZqIba9FR84e7FQ7ZDIpRc8EHxcAVlrYRaXZ5SGJpfhnVUZg0Dut4gWOQRtFUsnASv08yQxlfZ7as49HWT7lYymOZu5OQgyextBmQ0T1F3Jb1J7GLN38UJQniXc9luZ0x16xDbxB1sjsbFdaJDsrv27RwOR6yfWMJPZ91lMYj0louZMYMZtcE6oYodeRa6EKVTcmOpivXlNNyhYYMD9KCeWLx3NkvzkR4FUpDU9bXBVuCnMrBTr1yuMkdJwTYJgZDLUsHu0ug0vEr4P0SDriLTHlS39WHGFuSZrxEu?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

773c3f932df310cff79db2a8cc31377904baf920c42b6c9ea19fc18d5d2f7b19

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 29896
expires: Tue, 25 Feb 2025 07:17:56 GMT

GET
H2 200 000BhDlMG0ZXrFAutzBZEW7JvnUqRNaW7jfk7CcgruKYTDseMyCH2SXi9TQOeZULXmevTSUM3SFILCYHSBPaZVRioPsYKOEB2wL5Id2Ii1wxXGNfmm62JmX0MvVaevMpJIqG8L5tIO32EcN5ImSwmlsAoeczcASCjvTDUv3rhClYRzEON8wH1Rf5gr02XNtoO8HsT...
imageproxy.eu.criteo.net/v1/ Frame 20CA 27 KB
27 KB 15ms
14ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000BhDlMG0ZXrFAutzBZEW7JvnUqRNaW7jfk7CcgruKYTDseMyCH2SXi9TQOeZULXmevTSUM3SFILCYHSBPaZVRioPsYKOEB2wL5Id2Ii1wxXGNfmm62JmX0MvVaevMpJIqG8L5tIO32EcN5ImSwmlsAoeczcASCjvTDUv3rhClYRzEON8wH1Rf5gr02XNtoO8HsTJ3EdfUXxAdlzTvrPut4P0VT1Ka8b1P8AeyvYTbHSxjT94RPbR3uoM2d95C54NgYwUN0D3vPcLlItREzyhxEazXmPgZCIlxH8vUxDe31gddb9ulM0Svut6A0VVcugZXrjinDMo57FvBg5SknK0V7ULHeMLOMiAwZbhpXnwlPsqaVV0RcYeL4NvqGsYWDIsuZM4QpLBDTdR51zFx3Q6BCQTbCCY5X1LfrPOLRjcYK2vusf01FjCbU79L54UFGLfGrDIbxNlt?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

94e61aa37ceeadb1c19447a851fddc0b22f1fabf4a2adb6a68f145f64bacc90b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 27910
expires: Tue, 25 Feb 2025 07:18:23 GMT

GET
H2 200 0006CKVthkBpzuErCSQJGXMNm6bISXKvRUhtRVwoxVDyjg1lx4Pgy13Z68FTIseNnzlowTdWmadBQI2S6AfzmWJa3xT9AEgioNKoCxyWbo5iJM7AxtquwVaS8sYZrAtBXHr5bh6DxnHS89fjn6kXIYgjlBIkxBrBXp3T4BvGc8ezVu9HY2MEi1M7qxnVimFS1xe1n...
imageproxy.eu.criteo.net/v1/ Frame 20CA 34 KB
34 KB 16ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/0006CKVthkBpzuErCSQJGXMNm6bISXKvRUhtRVwoxVDyjg1lx4Pgy13Z68FTIseNnzlowTdWmadBQI2S6AfzmWJa3xT9AEgioNKoCxyWbo5iJM7AxtquwVaS8sYZrAtBXHr5bh6DxnHS89fjn6kXIYgjlBIkxBrBXp3T4BvGc8ezVu9HY2MEi1M7qxnVimFS1xe1nKuo98wlusStWf5YtDRyLNvccCKEERWKrHBPze3iyMqzbbYOWFjBFwvaxMfc0McsvLHnVilrmauvAbxrtnyslaJyusCKbYCjrOjNhal54WdtLuPZwF4bYgbmuM3dgvjWCFQrAvQe0Zcp1IreuFkyEVbIbZP1KGW1pDYsBg6CO9yZPCaheFYahHxZY4XqW5nR2oqaeSkQZxTRhoEGelVqIncgpqExZLGkAA0UzzqoE13t0TspcxW?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3c2cdaac0e5493a47849ba1a96963b7458f9b0367aae7b8872071f708cd2ad72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 35048
expires: Sun, 23 Feb 2025 19:16:28 GMT

GET
H2 200 000BhDlMG0ZXrFAutzBZEW7KBTgOpR299vg10eQTPLoh8ViligHIBFIk2nMNHmvYD3Euektj1Hx59513tV0hikJzrvX9lJNfmwRKWobI7LoZ2xz2IMFIRXCmlmNyggsnukTNesFOrTN07TouD1BMuHspjVU5W7fjIArwb3ucB8ptodqXqahz6AYes5RAhMNWIkIfC...
imageproxy.eu.criteo.net/v1/ Frame 20CA 22 KB
22 KB 16ms
15ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/000BhDlMG0ZXrFAutzBZEW7KBTgOpR299vg10eQTPLoh8ViligHIBFIk2nMNHmvYD3Euektj1Hx59513tV0hikJzrvX9lJNfmwRKWobI7LoZ2xz2IMFIRXCmlmNyggsnukTNesFOrTN07TouD1BMuHspjVU5W7fjIArwb3ucB8ptodqXqahz6AYes5RAhMNWIkIfCWvKeKo95vAoKB9SjYSevIZDd2SvMNBoTnMDLxni0CYIWpGRBCBqYidqVhwgfMgIJEqqBX9JM1JpfeQ3iLmdF1GsANf5sAjQw7iiJBAH5M473Rim5GCZr8002o084IoecgmCwbCVcUFsO6gADefbBEPsaEcKpaNXUi58xnRm0m54jFM9jRArgqJ9XU9eyDNpbOrSF9uY5TQsR5Nu5KAHmYfU29jXsNs4pDW8DLGbpMmQOE4FYF3h6E7dHWDhdsgUnuRRsw3?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

506addea39611c7a5b70eea34a514c558c1ea213e554edecf5a06860f6abf8d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 22720
expires: Tue, 25 Feb 2025 07:17:56 GMT

GET
H2 200 004o7m6GwrDoMnxLd7LBh2jzHOfm1H7n1T0S301NgDIeP1sXVC0PIO0DmdtRuCpENNDwoL1SpDuKZWBwgL2lamcJ37IfbP4rUeculASByP9t5CYfMpw7YcGhrQrS7TcxCaQDpLQse8Sf3s7IAcrkKZ0Np7aSdujVZ08yMh1NEmf464zB787BWLEmYVmvLxm3hpbR5...
imageproxy.eu.criteo.net/v1/ Frame 20CA 26 KB
27 KB 17ms
16ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/004o7m6GwrDoMnxLd7LBh2jzHOfm1H7n1T0S301NgDIeP1sXVC0PIO0DmdtRuCpENNDwoL1SpDuKZWBwgL2lamcJ37IfbP4rUeculASByP9t5CYfMpw7YcGhrQrS7TcxCaQDpLQse8Sf3s7IAcrkKZ0Np7aSdujVZ08yMh1NEmf464zB787BWLEmYVmvLxm3hpbR5HQK52GFqg2MrjPyDfoUIil7E0OUvI3GV6s8F98pn7l0ZjHNar2oTezJSkLknxlOmOAhpskAMGh8mQUggN1nY9JDr3A2mPM8JfHstsXyze55HSB0oVHzz30xNdpIhhLNbFC4ro2YWuU7zX9dHol8qKFTxAJpRGXQ4qyN6xTqap3HFMEFQ3CArW7mQai9fQJLhQuq3ky0UFeUbIoHuTTy8F00hnf1MMBBlkPZCorqcY?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

edb0d80226ac4568eb0f61b55293df226e7e97155d5262122f503158e6737f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 27096
expires: Sun, 23 Feb 2025 19:16:37 GMT

GET
H2 200 004EZMqcfTmcV6dfT7SqOllQhCybuYOvAIBeH1NQJyt5dwitqr3rLG57U5U54b4hOuQJb05FiDhLBDwKXJuXT1FomdqOG3qpRT1r7d0aoBcsBqZcJ6gH8BroIFNPjxlhYA43Cn5b00f9FDh0CU0fVtFNIrLknMBmaSMlBoZ9n7o623bemrtxDYIUTPMFCAX8PCzvz...
imageproxy.eu.criteo.net/v1/ Frame 20CA 16 KB
16 KB 22ms
21ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/v1/004EZMqcfTmcV6dfT7SqOllQhCybuYOvAIBeH1NQJyt5dwitqr3rLG57U5U54b4hOuQJb05FiDhLBDwKXJuXT1FomdqOG3qpRT1r7d0aoBcsBqZcJ6gH8BroIFNPjxlhYA43Cn5b00f9FDh0CU0fVtFNIrLknMBmaSMlBoZ9n7o623bemrtxDYIUTPMFCAX8PCzvz2s6f05q0YXywkLgeUI6ZJkNpUExZWypl7HiQF0VAUPlORjEFrU4pmp5D7WbuM0IfhJqjOBPWtrhwoUpsSJKj5VVQGavdbd35l2BBs6rmGQpAcjPfDq5xVTAK0uXkuNUo8iTbD4o8DlWjbnMxBvxtDtKs9OAYCanEC2pfm1x2hUESu1ie8cDd1NQnkQsyYZXD7rFliT7amJt0WDuB2QI6t9lDXx6RjORs0y08i?b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0ea95348c0c75121130510297bd6158550f65f13089b5460d0f9e0ca422f247d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16480
expires: Tue, 25 Feb 2025 07:22:51 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 20CA 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=6YuG-3kqeSJvjMdJzHL9p7CYwFZScYJo0t2DIS00SQ3v5e7Jcb5sGyg1E_e5FEzt6KNM386GUvvB1A9pwUTcbJSREqXwB-3bkO9ZnesdfhD-z_2II28HG5QS9mtdq2XGV1684vURlZ3TJoXKtUrIirJaDTBmh9Hu0n9qwR5I3HwFIrlW6-bKqMJnwTn_VhjjoX1xa-sgGvmkoKAH_lFAh-P_o_X9DQUlddHRcVN_-ZxJZ16ota96bcqWGvWLELm8fP6fVg&sds=2&rev=90888.4&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 05 Mar 2024 05:39:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 20CA 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:25 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 20CA 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Fri, 28 Feb 2025 05:39:25 GMT

GET
H3 200 neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js Show response
pagead2.googlesyndication.com/bg/ Frame 9432 51 KB
20 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/neFZPoS4RqR4jfdTFmgUuiCC8zWeQsTNscPgsnGRUhI.js

Requested by

Host: wincdemu.sysprogs.org
URL: https://wincdemu.sysprogs.org/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 21:52:53 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27992
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20184
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 21:52:53 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame A2A1 0
19 B 42ms
41ms Image
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CIWZ9C7DmZfLmPJTl7_UPifaDiATJntKxXPWdmPdwwI23ARABIABglfqagqwHggEXY2EtcHViLTM5OTAxNjM1NzQ5Mjk2NDjIAQmpAl9oYfDXNLI-qAMByAMCqgTRAU_Qc6L4jIfAHNdAYVbZFhCun28-SRk6eAEQA14Ln317PFht3dsfOpIUHlAnlJOzh0LKX85qLXoxGbSaA2vYOTlciLL55xeAlL8otYNEnAueYzifb8Hr0je8nfyBq68lGOdLK7wwfcScd9_CHmXdNfBB27n4HVG-0i86zzohtbn2GkvfYG7RZscSTIXyqIvW71LrnCHS4ERrlTfRgnzBvU5t4MDgWaM_Ji_4wkbXJLyPxPYETuUJhfurMbUj3yWTj2HabDO079suZ7q2rTkDAjjcgAbi14akioCbow2gBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7ECqAetvrEC2AcA0ggpCJHhgHAQATIH64uA4L-ADToJgECAgICAgJQoSL39wTpY_vuLnrTchAOACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzk5MDE2MzU3NDkyOTY0OBgA&sigh=IhKjzLMwJ5I&uach_m=%5BUACH%5D&cbvp=2&vis=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 05 Mar 2024 05:39:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame A2A1 0
125 B 14ms
14ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=mvzSGcz6RO0HfJ2DYgICAAAAEx64pd56YLedKmTkEAuw5mWeb-yFmWK9PAGxAAASAAAKCkFRVURBUUVCQVHkF-sWR04BiNuld2_l6HS7&wp=ZeawCwAPM3IIu_KUAAD7CWZTRMAmi8uur8c1fw&cbvp=2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240228/r20110914/zrt_lookup_nohtml_fy2021.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 158738
server: Kestrel
content-length: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 68ms
51ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240228&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01949021d6d4221318fc54874192304e8122a554922c276b774e5a631c8f5c2d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12539
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 102ms
102ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 05 Mar 2024 05:39:25 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 6CEC 13 KB
5 KB 10ms
8ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33649
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 04 Mar 2024 20:18:36 GMT
expires: Tue, 04 Mar 2025 20:18:36 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 593E 829 B
1 KB 50ms
17ms Document
text/html 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e83532ff980a261f2c0de0375691e11a8d6cc60e1283494d5ff47abb28ce9921

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--tCpDlYcM46OOrBXDAi2IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://wincdemu.sysprogs.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce--tCpDlYcM46OOrBXDAi2IQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 05 Mar 2024 05:39:25 GMT
expires: Tue, 05 Mar 2024 05:39:25 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js Show response
pagead2.googlesyndication.com/bg/ Frame 6CEC 40 KB
15 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/hhT7r2j7IM84IjrHPq4DliozylkjplqSUN38T7c3Pqk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Mon, 04 Mar 2024 23:25:10 GMT
content-encoding: br
x-content-type-options: nosniff
age: 22455
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15753
x-xss-protection: 0
last-modified: Mon, 26 Feb 2024 11:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 04 Mar 2025 23:25:10 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 593E 0
0 38ms
37ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240228&jk=1190094860127851&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 6CEC 0
10 B 7ms
6ms Image
text/plain 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?MjEPFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

date: Tue, 05 Mar 2024 05:39:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 2DD2 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuhPrO9mwPxDa27S4f3kbvAIVUKOa9NjRHL0AzQxY0_aUyRdemUbtBNrMgTwc69PHMPSdc4PhWy-BV8WNiZW85eygCVmK_GvkNVl7w7V131PVSKjeoPuUwlR_Bb8B4BTDpuQY_QzUK2fWOICa0yWWndKHyIeluOFbfBjinVwj22&sig=Cg0ArKJSzKgVXQo47R8KEAE&id=lidar2&mcvt=1000&p=0,250,280,950&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=4&adk=54771071&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=554996500&rst=1709617163925&rpt=1134&met=mue&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 05:39:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 42ms
42ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240228&jk=1190094860127851&bg=!q6ilqOfNAAauXHXJjlw7ADQBe5WfOBUMOMN8E8v9IMVWIw1bmRPTecLXARoeZI-j2iPuhG37PxG4MJnDuxVSjzDRoYWzAgAAAElSAAAAAmgBBwoARc6vNWIUis9SRi9y-WBOyuQ8LbTJ2gE0FW04o6wIR55vVjaeJgeTcZLo5zLixtmBIZir2kGKk7UbFECZexP5kScHyTun55kCyTcF81hes62G96ZF1Z0kx8h2R3IrpOyT9oDbTltK2zhtmBVcd0xOnl6yxuwc7tVKhA4OOxmcUipv89y3v2GYQ8SjFKhPWVkKi3fkv-FL2FkVdkhqrpCxOx7ga4OdB9vAm97DcdS6hVHhcK0aO9KaoZF3z_p_9g17TXuKfSJtkYnrdnKguhw-jiljGQVqzml2sv64HJe9WBYjE765HpDb5OhLQJ9fDN0gEKgu5cG1DmMUOog0DHY3QvPbkCtIsXttKGyoexXpZU7UpUl4miwwtr9CNjYEFXA9KMiw1kQC72WX1YPAqsog-aKRUGzKgI4xXqYEboRToLQ_nE22HC0uIpoKryyVeMMmxcpTtmgDT5G-bC4TMHG2u0Be6LJDkYe5HVH84uAMPKR-AaBXgDbgCY1KCBoaZa9u9gUG9n_RhZt4QMMwZE2zMk4Op8AYesr0hdaqlWSBoIpYpGYUd43_6oLPKf9hiNhWK6hzyuHmD6qHmF416MHZuQL3vR3TItH4-PRXRVHchrzsqlR9esObnok7F3-OAXKrEWHjKOu5TRX3iAB0ONgNozSzH8nIYGKSR6LGF7sqYrsYRFmjw6pg5OiyT38KfFtomPIu_ReHAIg1j5CRQjjIfz-L9fMyJdx9AA-SmED1SlFgqMesXF72idbf7qzXN0g35y_1zsJdv242rxHtZLgYbu3CvvR3h4bAV2VNz36kFLeXjOA9CuCQwZ2kX6csMo8eUWJdMois78eMgYBkdQs3UKT3OA0vD-cBx6rNdV-5aW1M7c2SfXA_ycsCPcU6OiXIQv5iR3sd2WlKZlQr9KsLTs_HdeIKpzGoeP6M41hFnRezGxFqIMJT-OBwXfFOiL9NWkGe8YLB9GWm_5TWeOjATZJVxirC5hHz4Wdz4UK9qZr48vMBVAlFuLbGGzFSudRTXIiLPn5X5ytPzB9hLG6C4txc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://wincdemu.sysprogs.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame A2A1 42 B
64 B 42ms
42ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv2zlgIa1-ZdJ7PSCtaloXP4bd7h9s0GhnmJjH4gEhxn9hfwLD1QRLZ4LBLPKQZyRqYzBj0gLGY4qHxyRWxplfhw3k8ivcE-zFW_3z5jkKa7K2G-qfTfeoS0Uxqj87VMGZyGkRpUhUf56OB&sig=Cg0ArKJSzMY0qahm0S3BEAE&id=lidar2&mcvt=1001&p=0,0,124,1005&mtos=84,758,1001,1096,1251&tos=84,674,243,95,155&v=20240229&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=554996500&rst=1709617165216&rpt=121&met=ie&wmsd=0&pbe=0&vae=0&spb=0&sfl=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 05 Mar 2024 05:39:26 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 20CA 0
127 B 13ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.94 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 05 Mar 2024 05:39:26 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

51 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sysprogs.org/	1970-01-21 04:29:37	Name: _ga Value: GA1.2.851503654.1709617164
.sysprogs.org/	1970-01-20 18:55:03	Name: _gid Value: GA1.2.852019710.1709617164
.sysprogs.org/	1970-01-20 18:53:37	Name: _gat Value: 1
.sysprogs.org/	1970-01-21 04:29:37	Name: _ga_85DKDNMP97 Value: GS1.2.1709617163.1.0.1709617163.0.0.0
.sysprogs.org/	1970-01-20 23:12:49	Name: __eoi Value: ID=5c7c5f4955b307a4:T=1709617163:RT=1709617163:S=AA-AfjYhwvWK1hMWBqjRD0wSPzfR
.criteo.com/	1970-01-21 04:15:13	Name: receive-cookie-deprecation Value: 1

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'ambient-light-sensor'.
security	warning	Message: Error with Permissions-Policy header: Unrecognized feature: 'bluetooth'.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3990163574929648&output=html&h=280&slotname=9122365647&adk=3387091555&adf=917691366&pi=t.ma~as.9122365647&w=1200&fwrn=4&fwrnh=100&lmt=1709617163&rafmt=1&format=1200x280&url=https%3A%2F%2Fwincdemu.sysprogs.org%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709617163762&bpp=1&bdt=1096&idt=193&shv=r20240228&mjsv=m202402270101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x280&correlator=3799439134924&frm=20&pv=1&ga_vid=851503654.1709617164&ga_sid=1709617164&ga_hid=1931133157&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=1780&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31081587%2C95325752%2C95322183%2C95324160%2C95326437&oid=2&pvsid=1190094860127851&tmod=585703199&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpEebr%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&btvi=1&fsb=1&dtd=196 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
csm.eu.criteo.net
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
region1.google-analytics.com
rtb.nl3.eu.criteo.com
static.criteo.net
static.xx.fbcdn.net
sysprogs.com
sysprogs.org
tpc.googlesyndication.com
wincdemu.sysprogs.org
www.facebook.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
178.250.1.6
2001:4860:4802:34::36
2600:3c01::f03c:92ff:fe79:73db
2a00:1450:4001:800::200a
2a00:1450:4001:806::2003
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2008
2a00:1450:4001:827::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2004
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
2a03:2880:f084:105:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
01949021d6d4221318fc54874192304e8122a554922c276b774e5a631c8f5c2d
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0ea95348c0c75121130510297bd6158550f65f13089b5460d0f9e0ca422f247d
140299fc91d8470cb9788bf2403e6bb237dc53c40b8b9b1eda482079da8c770e
1e4fca317c98d32629a90602a4c1d53d368509b49fbc9932324c6fdd2c6a16d8
2028952113cd4aa14f1fac8da44499af3cfb6fc55b492b6dbaec50ce69c15a2d
256c715d8bf41fc2ca23c1223ff968b2abd64978cf780302aea2cbf12ea1aeed
282c4bdc25545872e76681ae141a5c55e8ff9bf5e375882688188849312b7fd7
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3b336227622be70ff5b13a9921656c8620bdd3d2a34a2578ba25f9926219cda6
3c2cdaac0e5493a47849ba1a96963b7458f9b0367aae7b8872071f708cd2ad72
3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
4057a0dd932d74677ea79d1f3cbee9d007f4fd2a16ac42160186fb2243e0585c
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
422682828acc51aba3642cf071d41cad58d06f20232821db4038d92a8c7d4f29
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
506addea39611c7a5b70eea34a514c558c1ea213e554edecf5a06860f6abf8d0
533bbec9eb2cd0a902e28b6b5dc3a29eab1cedcd36854175bc86d1549df8892c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a1a166428749c17f6500cf68460c15d73b06c0a7ef3cc37efdd75898b1b1aa5
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5c4b467f0549b6c7941ae4e2bd34ec04c30775723314738f2f6b15b6642e278a
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61f0b9d180766a325d407379dfb471948a18f36a6a8b2184f5fc7c351b0b2202
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
773c3f932df310cff79db2a8cc31377904baf920c42b6c9ea19fc18d5d2f7b19
854fcb8d308ff2d975a2efc0824016e3966248fd41b23c91e8c47ec5913ba99e
8614fbaf68fb20cf38223ac73eae03962a33ca5923a65a9250ddfc4fb7373ea9
89ffe0c0d6f7cd37f600facbcd2f09f40d8f053ffed82144b34ceec97f777de8
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8b18423cfb337dc1fdb9d293aa865d42d74f0406a3f9543d45e28ba5e7adffde
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
92e239018f70f88c4c66044cc2e21c053e2d3067b3aaf15992b8b39d1b38eb16
94e61aa37ceeadb1c19447a851fddc0b22f1fabf4a2adb6a68f145f64bacc90b
95c4d1267ba519e8f537083d28e9292fc3619f6bfa7e66080159b45ed5d021e4
9bd550ac8dee1f965e3ebf571ea3d2251539969a907b064a7828f7298c040426
9de1593e84b846a4788df753166814ba2082f3359e42c4cdb1c3e0b271915212
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
b2aa131b334742b75fe3de815997b21d4783cea50a210783c0e243fb7d9d6eac
b585c85e95dc9bd77ee8f10b3bd6145b48a42534e9284eb9efbba5097824c2f4
bc71aa09e8a2dae0f34791e0f469458b6e883edb0592fa61dec6e0e763354abe
bdb7d822d6afd1c8354749a111f68d56ce5e5db03b8a3028698acfc78358e06d
c37d357fc579d45164a43cd93af2cfe5154fea3c9a4bff6e899d7a187f33f05a
c80dc76a18ba8d711399bb1926d4afc46dbec0fa9a39f76933aae78861fb75c1
ca5c35bfc7331c2609bd9ac5cd8f9cd852eaa5b7de7311b431b72875213c9dce
cecbcfc3730fea775178c8e8c4dc1f9b3d5788affcad29ee9d2f716eb818148d
d3e4c390667ad633e229c5e25a0a3a871a02c4801f11a359a7af6bbc54a8a9e0
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df7a397b8ce58f6251a395e02608b4f620e934a958bdfe6702c6f2033593eed0
df7b36c2555c08b60f8591a43ed6c42a0bd9442269d9810b13c8cd3a7be8e9aa
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
e83532ff980a261f2c0de0375691e11a8d6cc60e1283494d5ff47abb28ce9921
e8d71b3e91a0848bd5de68947291a7aa6c5bd794a9724dfe88ab1af648a92e1d
edb0d80226ac4568eb0f61b55293df226e7e97155d5262122f503158e6737f65
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f36fa919071e768761cef124106d346096a788590c1807f03dc9ab43ab09916b
f3d697d8459a847ed1f261e14796d14e83fed33be0c7cfeea45daae755ad5dd3
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f7334f1e536b9d3ada5c6a84af70f68e01fb4e42969931e957a6333ea981d9fd
fff1e6e6e51664f324fa9d4f2009b4fb79789d88adfd37bb202b8c13a45a07ed

wincdemu.sysprogs.org Open in urlscan Pro 2600:3c01::f03c:92ff:fe79:73db Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

99 Requests

100 %HTTPS

94 %IPv6

13 Domains

21 Subdomains

19 IPs

3 Countries

2071 kBTransfer

4095 kBSize

6 Cookies

30 Outgoing links

Page URL History

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

wincdemu.sysprogs.org Open in urlscan Pro
2600:3c01::f03c:92ff:fe79:73db Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

100 %
HTTPS

94 %
IPv6

13
Domains

21
Subdomains

19
IPs

3
Countries

2071 kB
Transfer

4095 kB
Size

6
Cookies

99 HTTP transactions
3 data transactions