cryptext.eu Open in urlscan Pro
37.9.175.155 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://cryptext.eu/
Effective URL:
https://cryptext.eu/
Submission: On February 10 via api (February 10th 2024, 3:27:22 pm UTC) from US — Scanned from DE

Summary HTTP 169 Redirects Links 14 Behaviour Indicators

Summary

This website contacted 30 IPs in 7 countries across 26 domains to perform 169 HTTP transactions. The main IP is 37.9.175.155, located in Slovakia and belongs to WEBSUPPORT-SRO-SK-AS, SK. The main domain is cryptext.eu.
TLS certificate: Issued by R3 on January 9th 2024. Valid for: 3 months.

This is the only time cryptext.eu was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 8	37.9.175.155 37.9.175.155	51013 (WEBSUPPOR...) (WEBSUPPORT-SRO-SK-AS)
1	142.250.186.72 142.250.186.72	15169 (GOOGLE) (GOOGLE)
62	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	104.17.25.14 104.17.25.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	104.16.89.20 104.16.89.20	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.240.108.84 172.240.108.84	7979 (SERVERS-COM) (SERVERS-COM)
1	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	104.18.10.207 104.18.10.207	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	216.239.32.36 216.239.32.36	15169 (GOOGLE) (GOOGLE)
3	74.125.206.157 74.125.206.157	15169 (GOOGLE) (GOOGLE)
1	142.250.186.35 142.250.186.35	15169 (GOOGLE) (GOOGLE)
2 12	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
3	142.250.185.202 142.250.185.202	15169 (GOOGLE) (GOOGLE)
21	142.250.185.161 142.250.185.161	15169 (GOOGLE) (GOOGLE)
5	142.250.186.163 142.250.186.163	15169 (GOOGLE) (GOOGLE)
6	172.217.16.138 172.217.16.138	15169 (GOOGLE) (GOOGLE)
3	142.250.184.196 142.250.184.196	15169 (GOOGLE) (GOOGLE)
6	142.250.184.195 142.250.184.195	15169 (GOOGLE) (GOOGLE)
4	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
8	173.194.215.120 173.194.215.120	15169 (GOOGLE) (GOOGLE)
1 2	46.228.164.11 46.228.164.11	56396 (AMOBEE) (AMOBEE)
3 11	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	35.71.131.137 35.71.131.137	16509 (AMAZON-02) (AMAZON-02)
1 1	35.186.193.173 35.186.193.173	15169 (GOOGLE) (GOOGLE)
1	35.214.149.91 35.214.149.91	15169 (GOOGLE) (GOOGLE)
6 8	185.184.8.90 185.184.8.90	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
1	178.250.1.9 178.250.1.9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2 2	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	91.228.74.244 91.228.74.244	16509 (AMAZON-02) (AMAZON-02)
1	63.215.202.172 63.215.202.172	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	35.204.74.118 35.204.74.118	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	34.246.33.254 34.246.33.254	16509 (AMAZON-02) (AMAZON-02)
2 2	142.250.185.78 142.250.185.78	15169 (GOOGLE) (GOOGLE)
4	74.125.162.38 74.125.162.38	15169 (GOOGLE) (GOOGLE)
169	30

8 37.9.175.155 (Slovakia) 1 redirects

ASN51013 (WEBSUPPORT-SRO-SK-AS, SK)
PTR: ing.r2.websupport.sk

cryptext.eu	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.72 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 104.17.25.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.16.89.20 (None, )

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.240.108.84 (United States)

ASN7979 (SERVERS-COM, US)

pl22136284.toprevenuegate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.137 (United States)

ASN54113 (FASTLY, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.10.207 (None, )

ASN13335 (CLOUDFLARENET, US)

stackpath.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.239.32.36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 74.125.206.157 (United States)

ASN15169 (GOOGLE, US)
PTR: wk-in-f157.1e100.net

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bid.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.35 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f3.1e100.net

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 172.217.18.2 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra02s19-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.202 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f10.1e100.net

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.161 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.163 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f3.1e100.net

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 172.217.16.138 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f138.1e100.net

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.184.196 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.184.195 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s11-in-f3.1e100.net

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 173.194.215.120 (United States)

ASN15169 (GOOGLE, US)
PTR: vt-in-f120.1e100.net

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 46.228.164.11 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
r.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 142.250.185.98 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.193.173 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com

ipac.ctnsnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.214.149.91 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 91.149.214.35.bc.googleusercontent.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 185.184.8.90 (Amsterdam, Netherlands) 6 redirects

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net

creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.254 (London, United Kingdom) 2 redirects

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 91.228.74.244 (United Kingdom)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.215.202.172 (Amsterdam, Netherlands)

ASN41041 (VCLK-EU-SE, US)
PTR: ams05-nessy-float2.dotomi.com

dclk-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (Groningen, Netherlands) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 118.74.204.35.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.246.33.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-246-33-254.eu-west-1.compute.amazonaws.com

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.78 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f14.1e100.net

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 74.125.162.38 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s17-in-f6.1e100.net

r1---sn-4g5lznek.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
83	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 114 tpc.googlesyndication.com — Cisco Umbrella Rank: 160	641 KB
26	doubleclick.net 5 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 80 googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 bid.g.doubleclick.net — Cisco Umbrella Rank: 896 cm.g.doubleclick.net — Cisco Umbrella Rank: 258	196 KB
19	gstatic.com www.gstatic.com fonts.gstatic.com csi.gstatic.com	155 KB
9	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 31 imasdk.googleapis.com — Cisco Umbrella Rank: 472	273 KB
8	creativecdn.com 6 redirects creativecdn.com — Cisco Umbrella Rank: 503 cm.creativecdn.com — Cisco Umbrella Rank: 2126	4 KB
8	cryptext.eu 1 redirects cryptext.eu	165 KB
6	2mdn.net 2 redirects gcdn.2mdn.net — Cisco Umbrella Rank: 1297 r1---sn-4g5lznek.c.2mdn.net — Cisco Umbrella Rank: 441346	1 KB
4	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 139
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2720 www.google.com — Cisco Umbrella Rank: 2	1 KB
3	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 223	89 KB
2	onetag-sys.com 2 redirects onetag-sys.com — Cisco Umbrella Rank: 702	774 B
2	turn.com 1 redirects ad.turn.com — Cisco Umbrella Rank: 819 r.turn.com — Cisco Umbrella Rank: 4264	869 B
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 314	11 KB
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 493	713 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 794	715 B
1	dotomi.com dclk-match.dotomi.com — Cisco Umbrella Rank: 3399	104 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 757	463 B
1	criteo.com dis.criteo.com — Cisco Umbrella Rank: 598	363 B
1	bidswitch.net x.bidswitch.net — Cisco Umbrella Rank: 368	235 B
1	ctnsnet.com 1 redirects ipac.ctnsnet.com — Cisco Umbrella Rank: 5828	612 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 347	149 B
1	google.de www.google.de — Cisco Umbrella Rank: 6562	408 B
1	bootstrapcdn.com stackpath.bootstrapcdn.com — Cisco Umbrella Rank: 2920	16 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 761	24 KB
1	toprevenuegate.com pl22136284.toprevenuegate.com
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 37	93 KB
169	26

	Domain	Requested by
62	pagead2.googlesyndication.com	cryptext.eu pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com
21	tpc.googlesyndication.com	googleads.g.doubleclick.net cryptext.eu imasdk.googleapis.com pagead2.googlesyndication.com tpc.googlesyndication.com
12	googleads.g.doubleclick.net	2 redirects pagead2.googlesyndication.com googleads.g.doubleclick.net
11	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
8	csi.gstatic.com	imasdk.googleapis.com
8	cryptext.eu	1 redirects cryptext.eu
6	creativecdn.com	6 redirects
6	fonts.gstatic.com	fonts.googleapis.com
6	imasdk.googleapis.com	googleads.g.doubleclick.net imasdk.googleapis.com
5	www.gstatic.com	googleads.g.doubleclick.net cryptext.eu
4	r1---sn-4g5lznek.c.2mdn.net
4	www.googleadservices.com	cryptext.eu
3	www.google.com	googleads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.googleapis.com	googleads.g.doubleclick.net
3	cdnjs.cloudflare.com	cryptext.eu cdnjs.cloudflare.com
2	gcdn.2mdn.net	2 redirects
2	cm.creativecdn.com
2	onetag-sys.com	2 redirects
2	bid.g.doubleclick.net	imasdk.googleapis.com
2	cdn.jsdelivr.net	cryptext.eu
1	pr-bh.ybp.yahoo.com	1 redirects
1	um.simpli.fi	1 redirects
1	dclk-match.dotomi.com	googleads.g.doubleclick.net
1	cms.quantserve.com	googleads.g.doubleclick.net
1	dis.criteo.com	googleads.g.doubleclick.net
1	x.bidswitch.net	googleads.g.doubleclick.net
1	ipac.ctnsnet.com	1 redirects
1	match.adsrvr.org	googleads.g.doubleclick.net
1	r.turn.com
1	ad.turn.com	1 redirects
1	www.google.de	cryptext.eu
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	stackpath.bootstrapcdn.com	cryptext.eu
1	code.jquery.com	cryptext.eu
1	pl22136284.toprevenuegate.com	cryptext.eu
1	www.googletagmanager.com	cryptext.eu
169	37

This site contains links to these domains. Also see Links.

Domain
www.thalesgroup.com
en.wikipedia.org
www.digicert.com
tresorit.com
pixelprivacy.com
www.axel.org
www.technologyreview.com
www.indeed.com
www.geeksforgeeks.org
www.cloudflare.com
www.nationalacademies.org
www.hklaw.com
www.krizofky.sk

Subject Issuer	Validity	Valid
cryptext.eu R3	`2024-01-09` - `2024-04-08`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
toprevenuegate.com R3	`2023-12-19` - `2024-03-18`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2023-07-11` - `2024-07-14`	a year	crt.sh
bootstrapcdn.com GTS CA 1P5	`2024-01-28` - `2024-04-27`	3 months	crt.sh
www.google.de GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2024-01-09` - `2024-04-02`	3 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2023-04-12` - `2024-05-13`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2023-03-23` - `2024-03-23`	a year	crt.sh
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-05-07`	3 months	crt.sh
quantserve.com R3	`2023-12-27` - `2024-03-26`	3 months	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2023-08-15` - `2024-09-15`	a year	crt.sh
*.c.docs.google.com GTS CA 1C3	`2024-01-16` - `2024-03-26`	2 months	crt.sh

This page contains 18 frames:

Primary Page: https://cryptext.eu/
Frame ID: EEF2AD7D48B189547CCD08BFB8CF5156
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html
Frame ID: 72223D55CAB48B3EF8B339C2622E5448
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&adk=1812271804&adf=3025194257&lmt=1705172444&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcryptext.eu%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~17&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578838016&bpp=6&bdt=482&idt=536&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=792926952549&frm=20&pv=2&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=552
Frame ID: 4255005647557C366729E2EC6D81A5AB
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1200x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578838023&bpp=1&bdt=490&idt=553&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=555
Frame ID: 127CEFE011A1228458D32357AD9CE6DB
Requests: 15 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3157847563&adf=1199968654&pi=t.aa~a.362280133~i.7~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1915216740&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839113&bpp=1&bdt=1579&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Frame ID: 7462C531836B30FABD3F27375239CFB8
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=93411971&adf=2831361282&pi=t.aa~a.3541775406~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1592&idt=-M&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Frame ID: C2DBD875B517C0D7A8836FB8BAD24DE8
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.302380595~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1200x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1591&idt=-M&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11
Frame ID: 684D7DC9E07A0E5E6A70594BD59F9739
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3493310977&adf=1735554794&pi=t.aa~a.2295198862~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1200x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1591&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1200x280&nras=6&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=13
Frame ID: A87B6CC1394E650D1AF2BD641F15C58E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1
Frame ID: 54D1208430EEF83924F16FAAA32BE1F7
Requests: 1 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019
Frame ID: 9955D912DC9472077D84E6DA704E7D0E
Requests: 10 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
Frame ID: 712321ADD611A922993F2031FC3541C5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js
Frame ID: E3B61057ECF5F4676BD058D870032EE9
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 7055A74D8CB4AFD8AFF2B9EEBD744A7C
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: FA7D5FEA42505326CF49FDC241F92924
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: B2DBC63C0FB0E455564F541DF49A3E4E
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html
Frame ID: C3258AF9A9D6FEB6678BE7380661056D
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 0B8CDE4DC411CC90D4CBE96DAE3D77C3
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 41832D206D90411CFFA994B36AAAF009
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Cryptext - Send encrypted message online

Page URL History Show full URLs

http://cryptext.eu/ HTTP 301
https://cryptext.eu/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Popper (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/popper\.js/([0-9.]+)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

169
Requests

92 %
HTTPS

0 %
IPv6

26
Domains

37
Subdomains

30
IPs

7
Countries

1665 kB
Transfer

4618 kB
Size

18
Cookies

14 Outgoing links

These are links going to different origins than the main page.

URL: https://www.thalesgroup.com/en/markets/digital-identity-and-security/magazine/brief-history-encryption
Title: inscription

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/History_of_cryptography
Title: Bible

Search URL Search Domain Scan URL

URL: https://www.digicert.com/blog/encryption-decryption-the-never-ending-battle
Title: during battles

Search URL Search Domain Scan URL

URL: https://tresorit.com/blog/the-history-of-encryption-the-roots-of-modern-day-cyber-security/
Title: in the field

Search URL Search Domain Scan URL

URL: https://pixelprivacy.com/resources/what-is-encryption/
Title: encrypt different letters

Search URL Search Domain Scan URL

URL: https://www.axel.org/2021/05/28/history-of-encryption/
Title: rotating disks

Search URL Search Domain Scan URL

URL: https://www.technologyreview.com/2023/10/16/1081694/the-fight-over-the-future-of-encryption-explained/
Title: complex permutations

Search URL Search Domain Scan URL

URL: https://www.indeed.com/career-advice/career-development/decryption-vs-encryption
Title: Alan Turing, Claude Shannon

Search URL Search Domain Scan URL

URL: https://www.geeksforgeeks.org/difference-between-encryption-and-decryption/
Title: AES, DES, RC4

Search URL Search Domain Scan URL

URL: https://www.cloudflare.com/learning/ssl/what-is-encryption/
Title: RSA, ECC, ElGamal

Search URL Search Domain Scan URL

URL: https://www.nationalacademies.org/our-work/future-of-encryption
Title: SHA-1, SHA-2, SHA-3, MD5

Search URL Search Domain Scan URL

URL: https://www.hklaw.com/en/insights/publications/2023/01/quantum-computing-the-looming-threat-of-quantum-decryption
Title: efficiency and security

Search URL Search Domain Scan URL

URL: https://en.wikipedia.org/wiki/Harvest_now
Title: without decrypting it first

Search URL Search Domain Scan URL

URL: https://www.krizofky.sk/sudoku/sudoku-zo-vcera#sudoku-hra
Title: Online sudoku

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://cryptext.eu/ HTTP 301
https://cryptext.eu/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 99

https://googleads.g.doubleclick.net/pagead/adview?ai=CcM7N1pXHZc2BLYjV29gP39WCiAP917fede3x2ZjZEb_O8_0IEAEgouvXDWCVypuCrAegAe264oQDyAEJqQLUp6sw8RayPqgDAcgDywSqBP4BT9DRBf-dXcR2M1kxfEXTgqIzK0WvB1N1yZCLVs0VhxISCVQzVlYklKp7j_27zRimKsZ2BUi2FoIaNIVkIyHLmN7nar9r17clFwMRLXbdNIX3DPt9q6fmpYADWAOYCu6l1q6OUlvuketjf5PXGwq2RAhQql8bFvDkKPtfoah9pkdhUW4u5ZbhCCDIxJUnJW80QOnKSqBdPOREu1hCPKFYN4OXEq1A2vH0-RPUfaqt2rsb06fHhlUJtWsSe7dtrHquDpSYmQr5RupzvHVVHbbN1_OO83MKuLbsZOBAvTrqgL4ZaBZOu7Fc1ow9GusyWB-b0lBkHwnZO59gLVV_XjDABNy97ou6BIgFstvWiEmSBQQIBBgBkgUECAUYBKAGLoAH-8Sde6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEKe5F9IIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WIqJ5_CKoYQDmgnCAWh0dHBzOi8vY2hlY2ttay5jb20vbC9hL3N0YXJ0LWNoZWNrbWstZnJlZS10cmlhbD91dG1fc291cmNlPWdvb2dsZSZ1dG1fbWVkaXVtPWNwYyZ1dG1fY2FtcGFpZ249W0NhbXBhaWduc11HRE4tZnJlZXRyaWFsLUVVJnV0bV9jb250ZW50PWZyZWUtdHJpYWwmdXRtX3Rlcm09Y3J5cHRleHQuZXUmdXRtX3NvdXJjZV9wbGF0Zm9ybT1EaXNwbGF5gAoByAsBuBPkA9gTDYgUAdAVAZgWAYAXAbIXHAoaCAASFHB1Yi0yNDEzNjkzMjg0NjYyMjc1GAA&sigh=ztt2FNOxV6o&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_CguByb5ZeRG0zoXAuxwlpnAFE561BLQ7ISFguCZuPIbq-UKuosBSDr2hlrmQCrHf46MBOVzbnX0LELWnNZNomrsXRoeZoLHzDhgB&template_id=484&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217872805396548761517%22,%22debug_reporting%22:true,%22destination%22:%22https://checkmk.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22815308141%22],%2222%22:[%22true%22],%224%22:[%2202-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228056321670070044497%22}&andc=true

Request Chain 101

https://googleads.g.doubleclick.net/pagead/adview?ai=CTjax1pXHZc2rKLCl2OMPjvaM-A_vg6K8c8Peurn7EdrZHhABIKLr1w1glcqbgqwHoAHrxo_WA8gBCagDAcgDSKoEzgFP0MqK3xvG8JyuY6fKhf1tvluLzQAmc2CWJnM3nI5_Bqfz1PihVOxFAAiwxY8aOZrkXWKegmlByrlpYxF7Sw-cmzi1VnYLjOKW4JyjRyPmgwqAZpY4P3BSgiFCckVe7Pdrvm6BU0crKegLx9j5AibCXa2LmBpws3Da_kdUkJ5ax9SIXCFblybzcVKkqoIsaeTqyzMhQbo72oQMd0OZj0l8z8gVTijRzi7V3fmBGasO029qaZNFeMy8sU9-bN8y05lUbuAyomDM9ucblhuL6MAEocWuhqUEiAWovKehSpIFBAgEGAGSBQQIBRgEoAYugAf9uPApqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwDyBwQQhcMQ0ggmCIDhgBAQARgfMgKqAjoJgECAgISAgIQISL39wTpYwMTm8IqhhAOaCTZodHRwczovL3d3dy5zdHJhdW1hbm4uY29tL2RlL2RlL2xhbmRpbmcvSU9TLVRyaW9zLmh0bWyACgHICwHYEw3QFQGAFwGyFxwKGggAEhRwdWItMjQxMzY5MzI4NDY2MjI3NRgAshgEEgLrTg&sigh=a1jlAlYk5ao&uach_m=%5BUACH%5D&ase=2&cid=CAQSTgAvHhf_2OBNVjboGEqOSSL4orW5-ScAPwBIjlysX-cWuW12-QrPxb0NXqrwH4JrHvHhV304KIiShheuUWAqJruKbgakD9E88LBRR_kpBRgB&template_id=419&cbvp=2&vis=1&nis=5 HTTP 302
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215866919264114666312%22,%22debug_reporting%22:true,%22destination%22:%22https://straumann.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985916267%22],%2222%22:[%22true%22],%224%22:[%2202-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211925714470558757105%22}&andc=true

Request Chain 127

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN3TOm-w4-snfwUHPZy292g&google_cver=1&google_push=AXcoOmSX4E7-KStVS4Gnyp63aliiB1pgOZ_0gnT0Ei7ARicGhleq4z8cXi0DunPFlDDLcrnSc5JM9krrgF8ETW2imYT-Mt_9Ik-A_g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE5MzcxOTYyMzM1OTI4MTQ4Mw==&gdpr=&gdpr_consent= HTTP 302
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBw4JmHx9FkPKfkagTegW24&google_cver=1

Request Chain 129

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEILjPCPhHG7gx4JHw6HY_Uo&google_cver=1&google_push=AXcoOmTh2Ro-EmL39gscVEu2gqu_cLSQZkdvOofMDwhDs_gD3AAZxTP3_D2gu58GqR6q7JNk_Hzs4e9g43snz2cPm545WqwHudHSNQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTh2Ro-EmL39gscVEu2gqu_cLSQZkdvOofMDwhDs_gD3AAZxTP3_D2gu58GqR6q7JNk_Hzs4e9g43snz2cPm545WqwHudHSNQ&google_hm=kI7yue-URkm1aNPFyuGXtrg

Request Chain 131

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESENpeIJLT8gvWzsiWxsrZivk&google_cver=1&google_push=AXcoOmTpRWEpFPsSfWNzzLFTenTSKohiKeP2L44O8yMM36Ejzif_TcgCZniGcliqkpxQVz1FbnKp9kyEZoLExMUK_KZzjWSKbKdgxQ HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESENpeIJLT8gvWzsiWxsrZivk&google_cver=1&google_push=AXcoOmTpRWEpFPsSfWNzzLFTenTSKohiKeP2L44O8yMM36Ejzif_TcgCZniGcliqkpxQVz1FbnKp9kyEZoLExMUK_KZzjWSKbKdgxQ&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=Kh_HaOJXOlWxcqPkLhA0NjGrcAPjr2QN5d9cI69Zyyw&pi=adx&tdc=ams&pi=adxab&google_gid=CAESENpeIJLT8gvWzsiWxsrZivk&google_cver=1&google_push=AXcoOmTpRWEpFPsSfWNzzLFTenTSKohiKeP2L44O8yMM36Ejzif_TcgCZniGcliqkpxQVz1FbnKp9kyEZoLExMUK_KZzjWSKbKdgxQ&tc=1

Request Chain 133

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJZEITT_-0c5aUt9ghK2Dgw&google_cver=1&google_push=AXcoOmQ1uMTZL-af9Jiiio5Wo9zTp_jR6akzZb8agdeM8FsvmGDmIjnXo1RtwHh9cTrkpmC6yaGd0lBQ2p2lEWbgn-voSlMvsgtmsg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ1uMTZL-af9Jiiio5Wo9zTp_jR6akzZb8agdeM8FsvmGDmIjnXo1RtwHh9cTrkpmC6yaGd0lBQ2p2lEWbgn-voSlMvsgtmsg

Request Chain 137

https://um.simpli.fi/gp_match?google_gid=CAESEKrzECzIp3wCBJWr59k-AmY&google_cver=1&google_push=AXcoOmS1UyvmJ04-udrOw__g0oMUxSByR6MUqbrJ_dpAZhL4sABHhV-CXewjYZ_tsSGtA9sq9LbRqNxz01pUtYNFLYV5bZ4By7QEPmQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=257392C670464D7A947F2E5F771BE62F&google_push=AXcoOmS1UyvmJ04-udrOw__g0oMUxSByR6MUqbrJ_dpAZhL4sABHhV-CXewjYZ_tsSGtA9sq9LbRqNxz01pUtYNFLYV5bZ4By7QEPmQ

Request Chain 138

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOXl2tMkEMuMlmCn9DowyKI&google_cver=1&google_push=AXcoOmSNkgiapIT2zw3_pufyclYiJfZxbylHIEUOTE6BWlAshcuStbuiUR0iGmxJbH-BBPYRKaSzaCur13QqYrq5d8QxNWTNlGl17NE HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSNkgiapIT2zw3_pufyclYiJfZxbylHIEUOTE6BWlAshcuStbuiUR0iGmxJbH-BBPYRKaSzaCur13QqYrq5d8QxNWTNlGl17NE&google_hm=eS1ETm5ra0RCRTJwRlo5blhzVklyR0F3by43aDVpSnd1dn5B

Request Chain 139

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECZ8lZ8oJJyixZ_1TZakBDo&google_cver=1&google_push=AXcoOmT3aX3kG0YyJDMcKndKkBU13153O3mTETXxqFmyme6C6Iy2c6KqOAlSeybUnfQQwfkjzW0GHVeIYCU3N8gKqijN2CLNZNx2WlI HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT3aX3kG0YyJDMcKndKkBU13153O3mTETXxqFmyme6C6Iy2c6KqOAlSeybUnfQQwfkjzW0GHVeIYCU3N8gKqijN2CLNZNx2WlI

Request Chain 140

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmQBh-_f_q5G_zfqA9tlCuN63pBVbyKhNx04r1K-smhGm5mHuDDvy8eYUnLVZIh1jWvyflCRg2EDDQkgNvIls3ez9zI0nWTfPz8 HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmQBh-_f_q5G_zfqA9tlCuN63pBVbyKhNx04r1K-smhGm5mHuDDvy8eYUnLVZIh1jWvyflCRg2EDDQkgNvIls3ez9zI0nWTfPz8&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=Kh_HaOJXOlWxcqPkLhA0NjGrcAPjr2QN5d9cI69Zyyw&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmQBh-_f_q5G_zfqA9tlCuN63pBVbyKhNx04r1K-smhGm5mHuDDvy8eYUnLVZIh1jWvyflCRg2EDDQkgNvIls3ez9zI0nWTfPz8&tc=1 HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5

Request Chain 141

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmR0RLd5G9aFJJgh8ddIF6MySLGtscoIS4TTO6i-hk2qWRZUY3YZspIbA_As1u2109SuppIUAmdU2h1YWIo5E7nKwG3bSh0dWPRF HTTP 302
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmR0RLd5G9aFJJgh8ddIF6MySLGtscoIS4TTO6i-hk2qWRZUY3YZspIbA_As1u2109SuppIUAmdU2h1YWIo5E7nKwG3bSh0dWPRF&tc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=Kh_HaOJXOlWxcqPkLhA0NjGrcAPjr2QN5d9cI69Zyyw&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmR0RLd5G9aFJJgh8ddIF6MySLGtscoIS4TTO6i-hk2qWRZUY3YZspIbA_As1u2109SuppIUAmdU2h1YWIo5E7nKwG3bSh0dWPRF&tc=1 HTTP 302
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5

Request Chain 148

https://gcdn.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/AC3B363FD2FC752C35E103C7E4ADA598DEAEE687.42CAE213EEDC25DE392C92DCBE3254222756951C/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7093135F28000C8A948B2B412A5AE6345639042D.015D576415929236C2FFD3E054A4441B2F30EAA9/key/cms1/cms_redirect/yes/mh/aM/mip/84.19.175.184/mm/42/mn/sn-4g5lznek/ms/onc/mt/1707578140/mv/u/mvi/1/pl/21/file/file.mp4

Request Chain 152

https://gcdn.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signature/9277F928E484A14AEF6763EF3BE0F752848E28E7.2B7202509FA20C818A4A27948E7385F9748E79B1/key/ck2/file/file.mp4 HTTP 302
https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/48795B3F6454C1EE9D51D5380EEAB9E8AC12BAA0.2FF63B8A0355DAF2217BFD81E27856EC307A143C/key/cms1/cms_redirect/yes/mh/aM/mip/84.19.175.184/mm/42/mn/sn-4g5lznek/ms/onc/mt/1707578140/mv/u/mvi/1/pl/21/file/file.mp4

169 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
cryptext.eu/
Redirect Chain

http://cryptext.eu/
https://cryptext.eu/

21 KB
6 KB

486ms
63ms

Document
text/html

37.9.175.155
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptext.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.9.175.155 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r2.websupport.sk
Software: openresty /
Resource Hash: efc616ab866cd1f2b6f6285cdb38e106711f21f9e9bb6991d3642dd7a9cb59d0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: br
content-type: text/html
date: Sat, 10 Feb 2024 15:27:17 GMT
etag: W/"5389-60ed865ce2f00"
last-modified: Sat, 13 Jan 2024 19:00:44 GMT
server: openresty
vary: Accept-Encoding

Redirect headers

Connection: keep-alive
Content-Length: 166
Content-Type: text/html
Date: Sat, 10 Feb 2024 15:27:17 GMT
Keep-Alive: timeout=10
Location: https://cryptext.eu/
Server: openresty

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 280 KB
93 KB 392ms
39ms Script
application/javascript 142.250.186.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9ZWSGBX9GK

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.72 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

666e4d368ce72c943520791b641310b1e67c68ae5d34172e242a5dade6111069

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 94999
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Sat, 10 Feb 2024 15:27:17 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 150 KB
51 KB 442ms
72ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2413693284662275

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5f8d63db4ebf92a0acd4f40b6c055021c3fe826fb648256ec4ab15b09c9e92f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Origin: https://cryptext.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 51772
x-xss-protection: 0
server: cafe
etag: 11315562786518992833
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
link: <https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires: Sat, 10 Feb 2024 15:27:17 GMT

GET
H2 200 font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 30 KB
6 KB 387ms
42ms Stylesheet
text/css 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 742386
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 5631
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-7918"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EgV7OKVjYwwSLYEwrH1k0BW%2BEdxnMpqTg5D%2BZzNLf1KIiDWlbf1Lbvlhf2TRuW9FvSlKljMYYzTJ%2B3NtmM%2FTjzGBmqyNS7xw7MFTcCPtQHmh6L0J6z4hwC7tAdpcclmoAZROBeq2"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85356018ceaf2c21-FRA
expires: Thu, 30 Jan 2025 15:27:17 GMT

GET
H2 200 cryptext.css
cryptext.eu/x-css/ 178 KB
22 KB 76ms
76ms Stylesheet
text/css 37.9.175.155
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptext.eu/x-css/cryptext.css
Requested by: Host: cryptext.eu
URL: https://cryptext.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.9.175.155 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r2.websupport.sk
Software: openresty /
Resource Hash: 3fde3688ee2e59667e357040b5cddf216e74cd8a6b9addc2ad6534ae4552bffa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: br
last-modified: Wed, 25 Oct 2023 19:33:30 GMT
server: openresty
etag: W/"2c8ae-6088f87b46e92"
vary: Accept-Encoding
content-type: text/css

GET
H2 200 cookiealert.css
cdn.jsdelivr.net/gh/Wruczek/Bootstrap-Cookie-Alert@gh-pages/ 12 KB
9 KB 384ms
37ms Stylesheet
text/css 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Wruczek/Bootstrap-Cookie-Alert@gh-pages/cookiealert.css

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c8ed597c834c987ee710f904d10ea365a237f342c2d13b4bfeb1ae9f4ed32da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 22530
x-jsd-version: gh-pages
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230021-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"2fbd-7UR16VoPnS9eCTwKtCveNh46QtM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qmz7eqMWkJUjS%2FH67kTUJ0tdyKSgsU3Q2D%2BpmxWIwSNRaeSZi508TV%2Bsgmn9e4Hgnzexn2uSKlTT36Uq3eppDBAWfRbL7ztugm5nrLZkoeq2NHooLtKVk%2F%2BnqHyd%2Bm9AxSo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85356018dbe53a4f-FRA

GET
H2 200 bit-code.png
cryptext.eu/x-o/ 11 KB
11 KB 62ms
62ms Image
image/png 37.9.175.155
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptext.eu/x-o/bit-code.png
Requested by: Host: cryptext.eu
URL: https://cryptext.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.9.175.155 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r2.websupport.sk
Software: openresty /
Resource Hash: 70a10cc5fce32a739c7d86d46f7640592e460b871c62e6f159a2b725ec756cc3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
last-modified: Tue, 24 Oct 2023 17:01:37 GMT
server: openresty
accept-ranges: bytes
etag: "2b6a-608794ab5cd90"
content-length: 11114
content-type: image/png

GET
H/1.1 403
Forbidden invoke.js
pl22136284.toprevenuegate.com/3b8a352137636c6f6ffd01f59562810c/ 0
0 817ms
113ms Script
application/javascript 172.240.108.84
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://pl22136284.toprevenuegate.com/3b8a352137636c6f6ffd01f59562810c/invoke.js
Requested by: Host: cryptext.eu
URL: https://cryptext.eu/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 172.240.108.84 , United States, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: nginx/1.21.6 /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 15:27:18 GMT
Server: nginx/1.21.6
Accept-CH: Device-Stock-UA,Sec-CH-UA,Sec-CH-UA-Full-Version,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,User-Agent,X-Device-User-Agent,X-OperaMini-Phone-UA,X-UCBrowser-Device-UA
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
Access-Control-Allow-Origin: *
Content-Type: application/javascript
Connection: keep-alive
Content-Length: 0

GET
H2 200 zakoduj.js Show response
cryptext.eu/x-js/ 2 KB
879 B 77ms
76ms Script
application/javascript 37.9.175.155
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptext.eu/x-js/zakoduj.js
Requested by: Host: cryptext.eu
URL: https://cryptext.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.9.175.155 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r2.websupport.sk
Software: openresty /
Resource Hash: c82b8142fea82535fa8410fceef7b125a01c167d0736e3e8d525cd2403a30031

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 17:01:37 GMT
server: openresty
etag: W/"72e-608794ab0dbee"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 odkoduj.js Show response
cryptext.eu/x-js/ 2 KB
979 B 109ms
108ms Script
application/javascript 37.9.175.155
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptext.eu/x-js/odkoduj.js
Requested by: Host: cryptext.eu
URL: https://cryptext.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.9.175.155 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r2.websupport.sk
Software: openresty /
Resource Hash: 70e2d61c7d7f4b0cfe91cffccd6b44f1cdf56160db21647b7d7aaee985a33fd3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 17:01:37 GMT
server: openresty
etag: W/"83f-608794ab0dbee"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 sifra.js Show response
cryptext.eu/x-js/ 109 KB
27 KB 117ms
116ms Script
application/javascript 37.9.175.155
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cryptext.eu/x-js/sifra.js
Requested by: Host: cryptext.eu
URL: https://cryptext.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.9.175.155 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r2.websupport.sk
Software: openresty /
Resource Hash: 4416df85684789193675dcb13e3e042574f9750ec5f7371807204818ad3968ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: br
last-modified: Tue, 24 Oct 2023 17:01:37 GMT
server: openresty
etag: W/"1b530-608794ab158ee"
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 cookiealert.js Show response
cdn.jsdelivr.net/gh/Wruczek/Bootstrap-Cookie-Alert@gh-pages/ 2 KB
1 KB 373ms
35ms Script
application/javascript 104.16.89.20
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/Wruczek/Bootstrap-Cookie-Alert@gh-pages/cookiealert.js

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.89.20 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 25626
x-jsd-version: gh-pages
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-served-by: cache-fra-eddf8230042-FRA
x-jsd-version-type: branch
server: cloudflare
etag: W/"72c-kReXUH+xLU9FHVkA4y25ataXxAE"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81Rty1lxfwq2T1sglqleVQoghG4RemJ9jH6wsnTcHNBVMYYKNN0DoOf8OKpBfX4RNNGSzadugxNIyihkDntRmFtTiXNo8Dctm12isRyer2pcn1hSdRdpHcC7%2B64fiLiRzWo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 85356018dbea3a4f-FRA

GET
H2 200 jquery-3.3.1.slim.min.js Show response
code.jquery.com/ 68 KB
24 KB 376ms
26ms Script
application/javascript 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.slim.min.js
Requested by: Host: cryptext.eu
URL: https://cryptext.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1

Request headers

Referer: https://cryptext.eu/
Origin: https://cryptext.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 12776634
x-cache: HIT, HIT
content-length: 24038
x-served-by: cache-lga21982-LGA, cache-fra-eddf8230047-FRA
last-modified: Fri, 18 Oct 1991 12:00:00 GMT
server: nginx
x-timer: S1707578838.904234,VS0,VE0
etag: W/"28feccc0-1111d"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=604800
accept-ranges: bytes
x-cache-hits: 116, 294096

GET
H2 200 popper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/ 20 KB
7 KB 403ms
56ms Script
application/javascript 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/popper.js/1.14.3/umd/popper.min.js

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cryptext.eu/
Origin: https://cryptext.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3920442
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 6451
last-modified: Mon, 04 May 2020 16:15:37 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03fa9-4f71"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HJq9R8On%2FT2JNAjwv7ANxje3Lwyfe7uwBuz5dgzPqxsQLKxfqkRVy6uFQXTGhkV9cWNcqxvHNeL6wro5iyzRPpZBHnFBiMsX16cqVZXrZAH5t0qtug8irjaGDCnGyAtNxLVIxD6V"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 85356018fbda9031-FRA
expires: Thu, 30 Jan 2025 15:27:17 GMT

GET
H2 200 bootstrap.min.js Show response
stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/ 57 KB
16 KB 484ms
134ms Script
application/javascript 104.18.10.207
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://stackpath.bootstrapcdn.com/bootstrap/4.3.1/js/bootstrap.min.js

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.10.207 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cryptext.eu/
Origin: https://cryptext.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
cdn-edgestorageid: 1079
age: 340237
cdn-cachedat: 08/21/2023 18:50:34
cdn-pullzone: 252412
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 25 Jan 2021 22:04:08 GMT
cdn-proxyver: 1.04
cdn-requestpullcode: 200
server: cloudflare
etag: W/"e1d98d47689e00f8ecbc5d9f61bdb42e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cdn-cache: HIT
cdn-uid: b1941f61-b576-4f40-80de-5677acb38f74
cache-control: public, max-age=31919000
cdn-requestid: 4ff1a3eae7e5fd895d1ccfd1c3d6c0d4
timing-allow-origin: *
cdn-requestcountrycode: DE
cdn-status: 200
cf-ray: 85356018e88bbbad-FRA
cdn-requestpullsuccess: True

GET
H2 200 cryptic.jpg
cryptext.eu/x-o/ 97 KB
97 KB 61ms
60ms Image
image/jpeg 37.9.175.155
WEBSUPPORT-SRO-SK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cryptext.eu/x-o/cryptic.jpg
Requested by: Host: cryptext.eu
URL: https://cryptext.eu/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 37.9.175.155 , Slovakia, ASN51013 (WEBSUPPORT-SRO-SK-AS, SK),
Reverse DNS: ing.r2.websupport.sk
Software: openresty /
Resource Hash: d2e0f1892e3a4aaf3e9e0e8fbb342e102419e2108c6c079b98ea77ac9849405c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
last-modified: Tue, 24 Oct 2023 17:01:37 GMT
server: openresty
accept-ranges: bytes
etag: "1825d-608794ab67970"
content-length: 98909
content-type: image/jpeg

GET
DATA 200
OK truncated
/ 8 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 75 KB
76 KB 44ms
44ms Font
application/octet-stream 104.17.25.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.17.25.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin: https://cryptext.eu
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:17 GMT
strict-transport-security: max-age=15780000
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 847206
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 77160
last-modified: Mon, 04 May 2020 16:10:07 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e5f-12d68"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=snWR1qZX1WT7KqYd4hTSb4PX%2B60RRxbunXPhiRi%2BvkxTduvv3JPG56GCCiRMHbjMd8aof7%2BLRzEMY3cxgiODxuxEjGhqAqut%2BrUj9Ht7AQVU76FZ75s88sdVWfcX0pS2IFZYwzeu"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 853560191c1a9031-FRA
expires: Thu, 30 Jan 2025 15:27:17 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
251 B 387ms
31ms Ping
text/plain 216.239.32.36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9ZWSGBX9GK&gtm=45je4270v9169186240za200&_p=1707578837545&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=69353782.1707578838&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1707578837&sct=1&seg=0&dl=https%3A%2F%2Fcryptext.eu%2F&dt=Cryptext%20-%20Send%20encrypted%20message%20online&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&tfd=1557
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ZWSGBX9GK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 216.239.32.36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cryptext.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
242 B 389ms
30ms Ping
text/plain 74.125.206.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9ZWSGBX9GK&cid=69353782.1707578838&gtm=45je4270v9169186240za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9ZWSGBX9GK
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 74.125.206.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: wk-in-f157.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:18 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cryptext.eu
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 407ms
56ms Image
image/gif 142.250.186.35
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9ZWSGBX9GK&cid=69353782.1707578838&gtm=45je4270v9169186240za200&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=311597511

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.35 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f3.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 406 KB
138 KB 428ms
79ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2413693284662275&plah=cryptext.eu&aplac=true&bust=31080873

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2413693284662275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

f644378fcaae753f2caf3b80cf20533cae70747867bb7b041c51049fceb6dbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140920
x-xss-protection: 0
server: cafe
etag: 10786450315736224600
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 15:27:18 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/ Frame 7222 9 KB
5 KB 379ms
23ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-2413693284662275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 43532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 03:21:46 GMT
etag: 3890843268177463596
expires: Sat, 24 Feb 2024 03:21:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
349 B 383ms
52ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=2166195837367898&num=0&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 4255 187 KB
49 KB 491ms
491ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&adk=1812271804&adf=3025194257&lmt=1705172444&plat=2%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fcryptext.eu%2F&pra=5&wgl=1&easpi=0&asro=0&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2~4~6~9~17&aslcwct=150&asacwct=25&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578838016&bpp=6&bdt=482&idt=536&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=792926952549&frm=20&pv=2&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=552

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-2413693284662275&plah=cryptext.eu&aplac=true&bust=31080873

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

3346f00ef8366b969f18f29b777e219b303534a5ca06277983b7246e295ded19

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 49445
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 15:27:19 GMT
expires: Sat, 10 Feb 2024 15:27:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 53ms
52ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=NAV&cls=navbar%20navbar-expand-md%20navbar-dark%20bg-primary%20fixed-top&ign=false&pw=1600&ph=1200&x=0&y=0

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 127C 126 KB
42 KB 594ms
593ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1200x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578838023&bpp=1&bdt=490&idt=553&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=555

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

d44413d0159ff711ea2290231a24b9a1ef032d1305f04abcd02c1ad72a70aaca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 42647
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 15:27:19 GMT
expires: Sat, 10 Feb 2024 15:27:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 reactive_library_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/ 165 KB
56 KB 67ms
67ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402010101/reactive_library_fy2021.js?bust=31080873

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

33a1ff747dd9600b7a892921651f9b3c156688dcb165d53d619ca3f593c31b46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:19 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57064
x-xss-protection: 0
server: cafe
etag: 6047467576354766639
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 15:27:19 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 57ms
57ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3687667015831694&num=0&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7462 90 KB
29 KB 547ms
547ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3157847563&adf=1199968654&pi=t.aa~a.362280133~i.7~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1915216740&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839113&bpp=1&bdt=1579&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

cc16811d012314472824c6b213ba15798d11223e41557108a85de775bc23e1a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29314
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 15:27:19 GMT
expires: Sat, 10 Feb 2024 15:27:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 58ms
52ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=0&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 57ms
52ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=1&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 58ms
53ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=2&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 58ms
53ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=3&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 57ms
52ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=4&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 61ms
56ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=5&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 61ms
56ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=6&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 61ms
56ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=7&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 61ms
57ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=8&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 62ms
57ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=9&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 61ms
57ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=10&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 62ms
57ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3446055895241222&num=11&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 62ms
58ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=0&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 62ms
58ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=1&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 62ms
58ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=2&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 62ms
58ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=3&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
47 B 62ms
58ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=4&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 63ms
59ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=5&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 63ms
59ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=6&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 101ms
98ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=7&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 102ms
98ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=8&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 102ms
98ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=9&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 102ms
99ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=75871221201877&num=10&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 102ms
99ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1381763744477440&num=0&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 102ms
99ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1381763744477440&num=1&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 106ms
103ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1381763744477440&num=2&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 109ms
107ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1381763744477440&num=3&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 109ms
106ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1381763744477440&num=4&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 108ms
105ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1381763744477440&num=5&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 108ms
106ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1381763744477440&num=6&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 108ms
106ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=1381763744477440&num=7&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 108ms
106ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=544174680487442&num=0&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 110ms
108ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=544174680487442&num=1&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 109ms
107ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=544174680487442&num=2&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 109ms
107ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=544174680487442&num=3&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 107ms
105ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=544174680487442&num=4&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 109ms
107ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=544174680487442&num=5&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 109ms
108ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_exclusion_zone&typ=noex&cor=3250168670761035&num=0&dvc=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C2DB 90 KB
29 KB 763ms
762ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=93411971&adf=2831361282&pi=t.aa~a.3541775406~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1592&idt=-M&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

5574d8962af2e880c5cd0e342b1dc93afaa2df69c6d1a522bd5295a2e5833acd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 29281
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 15:27:19 GMT
expires: Sat, 10 Feb 2024 15:27:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 684D 846 B
703 B 438ms
438ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3809598800&adf=4061442901&pi=t.aa~a.302380595~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1200x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1591&idt=-M&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280&nras=5&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2768&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=5&uci=a!5&btvi=3&fsb=1&dtd=11

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

c23d57c6647efa00c711d7a66264954a0382ede261e404916f2b869db7568276

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 15:27:19 GMT
expires: Sat, 10 Feb 2024 15:27:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A87B 846 B
699 B 490ms
490ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3493310977&adf=1735554794&pi=t.aa~a.2295198862~rp.1&w=1200&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1200x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1591&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280%2C1110x280%2C1200x280&nras=6&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=3929&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=6&uci=a!6&btvi=4&fsb=1&dtd=13

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

0913a0b5b58243257d66c58787020d0efc9e93a4a689575dfa8ea12a1d564d27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 404
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 15:27:19 GMT
expires: Sat, 10 Feb 2024 15:27:19 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 93ms
93ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_success&c=7&wpc=ca-pub-2413693284662275&w=1600&h=1200&pp=0&ppp=0&eatf=false&eatfAbg=false&reatf=false&a=6%2C1%2C5%2C7&apv=20240205_093419&sat=1707380569209&afm=0&as_count=0&d_count=0&ng_count=0&am_count=7&atf_count=1&mdns=0&alldns=0.286&allp=93&fd=(0%2C19%2C12)%2C(1%2C0%2C0)%2C(2%2C2%2C1)&pgh=6844&abl=false&rr=n&su=cryptext.eu&pvc=2776398177361922&r=0.1&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 127C 4 KB
1 KB 486ms
31ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3809598800&adf=54630664&pi=t.aa~a.3419504858~rp.4&w=1200&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1200x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578838023&bpp=1&bdt=490&idt=553&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=2&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=560&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=555

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Feb 2024 15:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 15:14:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Feb 2024 15:27:19 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 127C 2 KB
903 B 484ms
26ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 01:44:15 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/ Frame 54D1 9 KB
4 KB 24ms
23ms Document
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4209
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 22:54:22 GMT
etag: 3890843268177463596
expires: Fri, 23 Feb 2024 22:54:22 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2728354180183721846
tpc.googlesyndication.com/simgad/709532671071536610/ Frame 127C 28 KB
28 KB 497ms
48ms Image
image/jpeg 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/709532671071536610/2728354180183721846?w=600&h=314&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

364f6bb8b7e76b4c4cb1018aec511a517dfd5c2b37a5e266382f377f5b223c10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sun, 09 Feb 2025 10:21:42 GMT
date: Sat, 10 Feb 2024 10:21:42 GMT
x-content-type-options: nosniff
age: 18337
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28958
x-xss-protection: 0
last-modified: Tue, 18 Oct 2022 19:06:41 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 11697146798333333488
tpc.googlesyndication.com/simgad/ Frame 127C 6 KB
7 KB 495ms
46ms Image
image/png 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/11697146798333333488?w=100&h=100&tw=1&q=75

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

0249ff578fe76fb2a2dc97eec0749c5ea4dc4a1d97c6d73d24a66a9fcbf3fae4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

expires: Sat, 08 Feb 2025 12:56:49 GMT
date: Fri, 09 Feb 2024 12:56:49 GMT
x-content-type-options: nosniff
age: 95430
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6592
x-xss-protection: 0
last-modified: Tue, 13 Jun 2023 10:32:19 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
allow-fenced-frame-automatic-beacons: true

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 127C 23 KB
9 KB 467ms
28ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 10:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 10:19:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 127C 3 KB
1 KB 498ms
59ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 01:44:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 127C 20 KB
9 KB 459ms
20ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 01:02:13 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401250101/ Frame 127C 205 KB
62 KB 21ms
21ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401250101/ufs_web_display.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

b7235f7fbb2b5be1ce3b1ef0ca72f7e7b13b9634144966c70c041c52793a9926

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 14:01:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5160
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63253
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=31536000, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 09 Feb 2025 14:01:19 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 127C 37 KB
15 KB 460ms
22ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 17:48:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 22:23:16 GMT

GET
H2 200 73134fbfa16854d24caf7cd541ab86d9.js Show response
www.gstatic.com/mysidia/ Frame 9955 9 KB
5 KB 436ms
21ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/73134fbfa16854d24caf7cd541ab86d9.js?tag=client_fast_engine_2019

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 07:45:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27688
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4097
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 17:48:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 May 2024 07:45:51 GMT

GET
H2 200 24adaead910fc9a5ff63297aa6506341.js Show response
www.gstatic.com/mysidia/ Frame 9955 42 KB
16 KB 461ms
47ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/24adaead910fc9a5ff63297aa6506341.js?tag=html5_display_upload/html5_exit_api

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

1fc3fc15c5174ad3cb04edf14be49d28ff88849b52dda7b758bc5600ee8abefa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:36:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49821
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16666
x-xss-protection: 0
last-modified: Tue, 06 Feb 2024 17:13:29 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Fri, 10 May 2024 01:36:58 GMT

GET
H2 200 load_preloaded_resource_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 9955 2 KB
856 B 472ms
58ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/load_preloaded_resource_fy2021.js

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:44:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49384
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 795
x-xss-protection: 0
server: cafe
etag: 4925184154378345226
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 01:44:15 GMT

GET
H2 200 2f792cc3c5c7726a78878a6415eda87d.js Show response
www.gstatic.com/mysidia/ Frame 9955 23 KB
10 KB 465ms
52ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/2f792cc3c5c7726a78878a6415eda87d.js?tag=exit_2019

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

d618de8c2467801a06ec38c393fc4eb83d230190805ae8c4da5505104d232e37

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 20:04:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 69745
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9733
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 17:48:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 20:04:54 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 9955 23 KB
9 KB 454ms
41ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 10:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 10:19:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 9955 3 KB
1 KB 458ms
45ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/window_focus_fy2021.js

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:44:11 GMT
content-encoding: br
x-content-type-options: nosniff
age: 49388
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 01:44:11 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 9955 20 KB
8 KB 437ms
23ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 01:02:13 GMT

GET
H2 200 ufs_web_display.js Show response
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 9955 203 KB
61 KB 21ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 14:34:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3184
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62553
x-xss-protection: 0
server: cafe
etag
vary: Accept-Encoding
content-type: text/javascript; charset=windows-1257
cache-control: public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 10 Feb 2024 15:34:15 GMT

GET
H2 200 7b5e6815b417a6dcda76775ec840e2bc.js Show response
www.gstatic.com/mysidia/ Frame 9955 37 KB
15 KB 451ms
38ms Script
text/javascript 142.250.186.163
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7b5e6815b417a6dcda76775ec840e2bc.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.163 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f3.1e100.net

Software

sffe /

Resource Hash

87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:23:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61443
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15515
x-xss-protection: 0
last-modified: Thu, 08 Feb 2024 17:48:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 09 May 2024 22:23:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame 7462 23 KB
9 KB 26ms
25ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3157847563&adf=1199968654&pi=t.aa~a.362280133~i.7~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1915216740&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839113&bpp=1&bdt=1579&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 10:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 10:19:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 7462 9 KB
846 B 57ms
56ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Feb 2024 15:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 15:20:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Feb 2024 15:27:19 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 7462 15 KB
3 KB 390ms
25ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 22:23:17 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame 7462 378 KB
132 KB 419ms
53ms Script
text/javascript 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 12:12:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame 7462 20 KB
8 KB 24ms
24ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 01:02:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 7462 0
0 384ms
31ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS2G3QtU32Yb5LK4MfIl_YbQxvCkyqydk_JUJGIgopgkupIm61ac64ggdRJfVKAX5ZgXnKY0ZRiVbT3QX-smKCgfkKLRA
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3157847563&adf=1199968654&pi=t.aa~a.362280133~i.7~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1915216740&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839113&bpp=1&bdt=1579&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
DATA 200
OK truncated
/ Frame 127C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3c3daf0d8c042aef27ef3afcc9b81f3bf15632148646fe358ea34aa9b59b7f53

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 127C 16 KB
16 KB 376ms
22ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 09:10:14 GMT
x-content-type-options: nosniff
age: 368226
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 09:10:14 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 127C 15 KB
15 KB 380ms
28ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:55 GMT
x-content-type-options: nosniff
age: 56245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 23:49:55 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 127C
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CcM7N1pXHZc2BLYjV29gP39WCiAP917fede3x2ZjZEb_O8_0IEAEgouvXDWCVypuCrAegAe264oQDyAEJqQLUp6sw8RayPqgDAcgDywSqBP4BT9DRBf-dXcR2M1kxfEXTgqIzK0WvB1N1yZC...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217872805396548761517%22,%22debug_reporting%22:true,%22destination%22:%22https://checkmk.com%22,%22event_report_window%22:%...

0
0

106ms
57ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2217872805396548761517%22,%22debug_reporting%22:true,%22destination%22:%22https://checkmk.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22815308141%22],%2222%22:[%22true%22],%224%22:[%2202-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%228056321670070044497%22}&andc=true

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"17872805396548761517","debug_reporting":true,"destination":"https://checkmk.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["815308141"],"22":["true"],"4":["02-10"],"6":["true"]},"priority":"500","source_event_id":"8056321670070044497"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Feb 2024 15:27:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"17872805396548761517","debug_reporting":true,"destination":"https://checkmk.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["815308141"],"22":["true"],"4":["02-10"],"6":["true"]},"priority":"500","source_event_id":"8056321670070044497"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js Show response
pagead2.googlesyndication.com/bg/ Frame 7123 51 KB
20 KB 20ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19987
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 16:47:25 GMT

GET
H3

200

/
www.googleadservices.com/pagead/ar-adview/ Frame 9955
Redirect Chain

https://googleads.g.doubleclick.net/pagead/adview?ai=CTjax1pXHZc2rKLCl2OMPjvaM-A_vg6K8c8Peurn7EdrZHhABIKLr1w1glcqbgqwHoAHrxo_WA8gBCagDAcgDSKoEzgFP0MqK3xvG8JyuY6fKhf1tvluLzQAmc2CWJnM3nI5_Bqfz1PihVOx...
https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215866919264114666312%22,%22debug_reporting%22:true,%22destination%22:%22https://straumann.com%22,%22event_report_window%22...

0
0

109ms
59ms

Fetch
text/css

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/ar-adview/?nrh={%22debug_key%22:%2215866919264114666312%22,%22debug_reporting%22:true,%22destination%22:%22https://straumann.com%22,%22event_report_window%22:%22259200%22,%22expiry%22:%222592000%22,%22filter_data%22:{%222%22:[%22985916267%22],%2222%22:[%22true%22],%224%22:[%2202-10%22],%226%22:[%22true%22]},%22priority%22:%22500%22,%22source_event_id%22:%2211925714470558757105%22}&andc=true

Requested by

Host: cryptext.eu
URL: https://cryptext.eu/

Protocol

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
attribution-reporting-register-source: {"debug_key":"15866919264114666312","debug_reporting":true,"destination":"https://straumann.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985916267"],"22":["true"],"4":["02-10"],"6":["true"]},"priority":"500","source_event_id":"11925714470558757105"}
server: cafe
content-type: text/css; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sat, 10 Feb 2024 15:27:20 GMT

Redirect headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Feb 2024 15:27:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://www.googleadservices.com/pagead/ar-adview/?nrh={"debug_key":"15866919264114666312","debug_reporting":true,"destination":"https://straumann.com","event_report_window":"259200","expiry":"2592000","filter_data":{"2":["985916267"],"22":["true"],"4":["02-10"],"6":["true"]},"priority":"500","source_event_id":"11925714470558757105"}&andc=true
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js Show response
pagead2.googlesyndication.com/bg/ Frame E3B6 51 KB
20 KB 21ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240207/r20110914/zrt_lookup_fy2021.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81594
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19987
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 16:47:25 GMT

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 120ms
54ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 10 Feb 2024 15:27:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

OPTIONS
H2 204 /
www.googleadservices.com/pagead/ar-adview/ Frame 0
0 119ms
53ms Preflight
text/html 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: attribution-reporting-eligible
Access-Control-Request-Method: GET
Origin: https://googleads.g.doubleclick.net
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: attribution-reporting-eligible
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://googleads.g.doubleclick.net
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
date: Sat, 10 Feb 2024 15:27:19 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/ Frame C2DB 23 KB
9 KB 24ms
23ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/abg_lite_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=93411971&adf=2831361282&pi=t.aa~a.3541775406~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1592&idt=-M&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 10:19:00 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9319
x-xss-protection: 0
server: cafe
etag: 3610546441309021303
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 10:19:00 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame C2DB 9 KB
846 B 30ms
30ms Stylesheet
text/css 142.250.185.202
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.202 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f10.1e100.net

Software

ESF /

Resource Hash

d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Sat, 10 Feb 2024 15:27:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Sat, 10 Feb 2024 15:04:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 10 Feb 2024 15:27:19 GMT

GET
H2 200 outstream.min.css
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame C2DB 15 KB
3 KB 160ms
26ms Stylesheet
text/css 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

sffe /

Resource Hash

425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 22:23:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61443
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2939
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 22:23:17 GMT

GET
H2 200 outstream.min.js Show response
imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/ Frame C2DB 378 KB
132 KB 162ms
28ms Script
text/javascript 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

sffe /

Resource Hash

325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 12:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98110
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 134582
x-xss-protection: 0
last-modified: Thu, 18 Jan 2024 02:36:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 12:12:10 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/ Frame C2DB 20 KB
8 KB 21ms
21ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20240207/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

cafe /

Resource Hash

0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 01:02:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 51906
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8501
x-xss-protection: 0
server: cafe
etag: 9351358253902147912
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 24 Feb 2024 01:02:13 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame C2DB 0
0 152ms
30ms Image
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQCmwWr6eP7eBIkxLp7iQYnWBEPX-NYYD5rja8MYQchfbbo3-tBhMjEgxbHiR1Uy6kz6K5c1o9_tHH7lCN4iKtcq56ExQ
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=93411971&adf=2831361282&pi=t.aa~a.3541775406~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1592&idt=-M&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.184.196 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s11-in-f4.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

POST
H2 204 csi
csi.gstatic.com/ Frame C2DB 0
45 B 672ms
120ms Ping
image/gif 173.194.215.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsg8cpk6&c=6351404919509&slotId=3175702459754.5&qqid=CIPLkfGKoYQDFW3mFgUdKc8MaQ&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.215.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vt-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C2DB 15 KB
16 KB 22ms
22ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:56:55 GMT
x-content-type-options: nosniff
age: 250225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 17:56:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C2DB 15 KB
15 KB 26ms
26ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:55 GMT
x-content-type-options: nosniff
age: 56245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 23:49:55 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C2DB 0
56 B 52ms
52ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=CbRPz15XHZcODEu3M29gPqZ6zyAbpiNbTdduWv-SdEpfW1qq8ARABIKLr1w1glcqbgqwHoAHcxoqJKcgBBakC1KerMPEWsj6oAwHIA5sEqgTrAU_Qw32I9LddT4fny5Uvjk11vv23cBov5X8nbhc4gVaNv7j77rAHZeNnwDWe8aDMsAt-tm1KE_JB_kyXSeu5mymL_7ZvT7pUtf2N8JlA9UCOsKewmFc5BUd1sWJMp6vGpIgeq4Qa0Zsh0hl0zKfjaRnCPsq40CeB6hw3ZllK-ZkvQZWv3dTxj_zQm5Zveqjz8ZZ8VCYIjQp7yulUabO2o8o5yXtBSxz4bcSsh-qEEfNgbu_iNU3YsXlaG2G-cHlczdrtTPWmFAQXEPpO8nrbgOWsIzAFD2unXVCT6x60SdvnEE3d8bShuZJBo2rABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WMOgifGKoYQDgAoByAsB4AsBgAwBqg0CREWwE_D0yxbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE&eventType=clickstring&clientTime=1707578840178&ai=CbRPz15XHZcODEu3M29gPqZ6zyAbpiNbTdduWv-SdEpfW1qq8ARABIKLr1w1glcqbgqwHoAHcxoqJKcgBBakC1KerMPEWsj6oAwHIA5sEqgTrAU_Qw32I9LddT4fny5Uvjk11vv23cBov5X8nbhc4gVaNv7j77rAHZeNnwDWe8aDMsAt-tm1KE_JB_kyXSeu5mymL_7ZvT7pUtf2N8JlA9UCOsKewmFc5BUd1sWJMp6vGpIgeq4Qa0Zsh0hl0zKfjaRnCPsq40CeB6hw3ZllK-ZkvQZWv3dTxj_zQm5Zveqjz8ZZ8VCYIjQp7yulUabO2o8o5yXtBSxz4bcSsh-qEEfNgbu_iNU3YsXlaG2G-cHlczdrtTPWmFAQXEPpO8nrbgOWsIzAFD2unXVCT6x60SdvnEE3d8bShuZJBo2rABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WMOgifGKoYQDgAoByAsB4AsBgAwBqg0CREWwE_D0yxbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C2DB 0
225 B 663ms
120ms Ping
image/gif 173.194.215.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsg8cpkj&c=6351404919509&slotId=3175702459754.5&qqid=CIPLkfGKoYQDFW3mFgUdKc8MaQ&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.t8&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.215.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vt-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame C2DB 31 KB
18 KB 80ms
67ms XHR
text/xml 74.125.206.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-D5bq7VHGivM0eKo5l5NvebCaOJpa55p3kivQeqYIifU_kbkls6WI3IDnAzI9hrRMMaRNVPCxg9GmA0UDopFGCA6mb6Xw&cry=1&dbm_d=AKAmf-DaDw-BCQqntu_V8_IvWei1jlox9KFR9sO2OEc75wEsOuSN8WB5lSh8-sOCa1OHw0lZTOqTqyaGDiFOtG-Q17gtTlyJXiB-QK2PDKB6KW9XQVHLWASdTYUGYIwGfK0y_Rfpxm5gkuUH4aYnXDcMfMIPyHPRkZ0yuJNXo1E3bbngn6BfRpYAvNlyee37ylq3Pklqu97-HNCbIDW43OKPpfNI6yglrAfKxZEtd0tWNpfs37ipfS-HmJITfGTX8qY0bndA0Tdhvf2g03I9t_HHSPiQKTYEzjnVpvMfhioaQ3Uf7ytaVnKSoHA_yO05xj2AKeFaL9FmShKMKjGkeB6Yq1TpMGpEWV-CpjbfcoZox-0MH-YzcI5tJykDjRTCTEvMC7Y135yaUCqIDshZGLJybSZJBDSPmigxdsNYvgTxShw7qgg9vdkbxCwPMj5a6PLO8nMR1u3njEBcI7WRg1T6jV2ren3_p3VVEDm77VEahvzWPs4jZ1ndTGvq06HTf89y3ngwXaCJJ8CiijhXiiY5kfUx7cWlmOOTXNn5OiALdytoC1ZWc1gIliYGQHVnunAILKe8WBcQWe3prmLh8HXnxBa3fixpLEx0pjn9h0PhIJ7mqxT8eRPsYSQ_kZAvNRJ3JU23WIN2cMZGnsAjAHKWIXoD0snf0619bEEWNuaoWTkynQJrNi1btqPwRH-D5sLwJkNof-smzLoh2MidWTnGD8ICgh9kKqqbn4UjRh9VpqCENmYNS6eAKYvldz-AKykkUHC7VujXvJgWiNwzerlOHKi8qEsk2Dror4p0CBZKBajknRU3YJru5kdySBQ2oKfNl9I1LrzYekdg0BZYZcCKnbhKGrdnmmlT2zONzvKZKrZhb374zDEAuU8vL64LAkspq0Uexy3SY5RTUni8utViyN_4pBRY0RYC0GcT8DJBuNPFZIpbKdCSPy4Wrd2wZWxx6x3pEAHqhZ7IrHxz-vA1R-i0W7cvHhu-yivbBBR4SGVlmIorKBRCg1m22-szP9GcAyfiETg9SHyRbqYk3Hr7XnDfNZ2D_9L2NvkvD9yfufR2dp26_pVPRieWtV9XcgXvz09fH076H8ATOFPoVNVG3lPS5ofBNcYx9QJkRCdP0QTBdN-x_iKMPexOWSksX0NUQJvDxGQM789rfNysNFij1dd1Vz0cqRP1fYVyO7Xj16EETUJIqbSEmbkyQdKhG7tlznxvohrKYwLlnxFT0vMynyFqaz7eQernvAtrjtUiE0T6Beqoe8EQcAaPRMKC_nS-5ePFXeNtGOnlGF836qsSM_UmHDWSSpyIzN-Frn9aK23ky1f5Jlo8CMogFi0gQ9gz8Wmpq6AiCgmC1TaokwvAtCrzHNrAIEoypTMkrdy_VZQzBPxFMHWVtTTobJjJ43vvhrJnvW-hqxJbV2GCzSoxlz2mroFdws4NNpPEiLupdK8cVFa8JJ1XJtjhOATuY7en1-QvAF2P-6v-ykGEqqOSJrAuKw25gPqbYq_JD65htZbsIhCPchts_EbxaCSALShGjhHAyz02rm8txWUUpjtbxONr60BnLcbihI2WPPeS7royjyG3p1z_eUsEWmx-_os2fRjTbuTslQgDsitydV3wF3chBniY3A3V9RJjB9aNaFjyhgNZg3EAVxjKEZBwAgQWJgYymhrqCckkQT75Up9hhrXaFkXEZS-c3yp68x8BEFO3wVdAWtUSpVpBFzoggla1g4V-TGMVIbMAGLmpcGlO1Sm2hompIBt0dTiOfU-bzDKRqInsqmqp08y4KnU9nf-Azs_LEt2dxSsng0874DgVZVy5u9UWbZju3AkqP2j6VqEKxrUnjTH_ajKPN36i9u9VqX2-h6VIYGYEuYtyve70WUkxpZ5wCIgeA0AOmd6fXhqcrs9m7yukgre6N0kT00ltBP2KHganR4ofCXhc7m7-Df__vCH1hOHlvy0HJnKtlOVae_g-d42LWP9r3hPFKrzB68hBIsuoS2ceecBR11jg_Dr8n8G3JnoTegKx9qKnQeo8E2eLDYQwAQNPinRuIts6OUeVwLgxYx-hlNMKtQkVW7INJec_EAQf712miiBFso3kUn04yqf8-FuKUtFqZEtY5rg3pRIb_p4K4BKxiFO187RcIXAfgTgcGK4ya4WFjA2tG4aR6fOOgWxOPTOxvIQN0m8UkMjq67aytlYC6-ompr2_v2mlBeF9ZdHOu9cBSvEmgJRtaKL02sDNUd2n2SKIo23Nd6Prwrp7UieZ1G9BemNW4qsQdqzXXvwz6pjH0PFZcIrdzaP9Q9pPny9_NtNwlLbHHy00yt1QBDY_qNQyQ9mr6RT3x5vpNYyn6vCGzVoerPrUa6aCawhYx1GiuNroVVzReRLKZIYK4whwR7rer4lWroZj6AGg784fSV99rwpsNSPVXVTN0dOaJLGFjAZka8Ib21IyPzBlgrW4hEc7PWkmuWYnuHTc71RgUdr8X42JiS1EEFQUqDtdsNi_IcCQ6v6J0yUtSX6jF29I9nOCdr7g9bFStmPV-iRy69GhF1DdUunMfQcDvQprF--dkhSQqyuXkXHk0noqG6DeasgDOogbgBWaCNTQYWVL4xL0469ETHJVc_Tfex6lRAPzujQKxrzNl7fo3mfnfC-ypPQpAvQr-Xj9q2XbafaEZGvHaGPPhKb69PLshQMUjWxcjQdg1hP62m3krFaqHPeszJcm9SpDwXpN9NpIEp-OK3RN8jid1PqwWMSdRnRGGFBCDm0G-PtPOwN1Vh60cX9qJ990A8Wj6EH993ry8iCMa7kyitmsb94IwQW_43S43IL7y3ILNSRPGrTG66CqUGOuYj1cBvR5WVOuZFezMVeADlhUJ3rcwBTar-iJHUBapq-ZjLjHtUxpX9AuxOrEgOomh4lhMhLpsKjWYEQ7h1ZkKoVZ_KmLq1Ep6FLB8OWnUfGznUHEtkBx0mFyNnePUBxuaN5y2S0M2zAi7iKl2kgVzSiI15dycaOkzyag9IGFWN4rQ0ssJ4nt_on10Jn5nxpyuyz2pIJVLruHCrBidVz7HGVn5JBqGVNxsqqF3uEwlPZJ5IgKaAUpysU4TBEPMLiIQps9o2kJ6uyBdkanPsVD1YtU3ghKr4jXQiDlz9wTjSG2qj5wykVWwJPxWFUJLfxWVetDc6lCogDb9OwcLxZDHGgPxVrezNYlTLlstfItDGOvQpB0h1JcyVliD50uK8kvxESCn0GufKPQjgGTU7vmMyhzP5lk5OcibAlhrbWCwThEEgxxW_tOuLE8cyNcyO97_7FQ71eTBzdzQNjDYAWHfE9OWotPDzx9wklvMeUwlKM_lx0wcJj9VaOdCn8t0x4lMbEfqDev5SX_uOtesMYcveNkwfVe8q2ulSK4d59TFNbb1GVVDrbqRHzrANZKbIHoEHWaOJJSHA_3KSav9-QtuFy2l03QyB-K-cMrznzC2IN9IohiFCv5W4kvlrTfFr-hAh37B8T2yuGrM5c2bYSFPEYaSYVbBfZI0Dztl9NpE1S2S3NJTqu-7hKe8wlaHLL5gy0DbELe1g7FIoLAcOMNRfMEPErfbCbDtn7wlrYG9IwtQz-70BGSOpjVgmeUBF07ly49IpCmVJ81rd4xDADUunKBEImMZ_PmfXpyQgP1NE49f6FIPWo3HFhOb42QqkIqGAx4uPhcK41Qa0Qlv4eULIFanLqjOmznIv6Ew4sNBJZbn150KXM-GeMD3-5g8WC9jpQxKloM-MFNqeHadCsRTT2nMOWaDDcyEV8gDfKUemFrSLgZdsn899Er&cid=CAQSOwAvHhf_bJE3X-YZuaXUVPrLKGxoCcetWQ9WVXlmdHpxahRWe2K8Ea3LblkgOYuBmb8CwOhHiIRUauryGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f157.1e100.net

Software

cafe /

Resource Hash

e3100522a6dd790555f31ee2d85199e409de1c5192e306bbe961505a14f4506a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17791
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7462 0
45 B 661ms
121ms Ping
image/gif 173.194.215.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=1~lsg8cpkd&c=8351794801839&slotId=4175897400919.5&qqid=CKCpkPGKoYQDFXDMFgUdn8MB9g&fb=outstream-lima&sei=44752538%2C75259414%2C420706098&nsei=44714510%2C44729911%2C44730425%2C44730426%2C72811302%2C75259405%2C75259407%2C75259408%2C318491509%2C447279544&bi=outstream
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.215.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vt-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7462 15 KB
16 KB 22ms
22ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Wed, 07 Feb 2024 17:56:55 GMT
x-content-type-options: nosniff
age: 250225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 06 Feb 2025 17:56:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 7462 15 KB
15 KB 28ms
27ms Font
font/woff2 142.250.184.195
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:700,500,400,300

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.195 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f3.1e100.net

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:49:55 GMT
x-content-type-options: nosniff
age: 56245
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2025 23:49:55 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7462 0
56 B 52ms
52ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=osv-info&clickstring=Cvygg15XHZeDhEPCY29gPn4eHsA_piNbTdduWv-SdEsD48cmtARABIKLr1w1glcqbgqwHoAHcxoqJKcgBBakC1KerMPEWsj6oAwHIA5sEqgTrAU_QxvIRaZ2I-JaQQ01RKr1ZwAPJL9uTyKUOh8_u5ZyAd25f9WaVzAGrNM09FC-K_XY84pmg349w28KKaZlWqIT5gCFoevKCt8m4gLjVpF9UKMyMpoyiLfu_qNVLGA6v7NhGksM2R4SAmJt7zBm2OkEGw-HOt2S6144r81DhVOLU8mA7FwaXkTXrIXEhyy377h4rWLnfMZhT_IHi5y_FIsqsXb4uuDdOf4vZGMudvuOKh96NUqZjNyYMzviwXNy94nikmRHFQTUds0AFqDFFQpV0Re7SPpdMaHOGhjIObH-2woPpKsC0FLXKrgLABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WLH3h_GKoYQDgAoByAsB4AsBgAwBqg0CREWwE_D0yxbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE&eventType=clickstring&clientTime=1707578840191&ai=Cvygg15XHZeDhEPCY29gPn4eHsA_piNbTdduWv-SdEsD48cmtARABIKLr1w1glcqbgqwHoAHcxoqJKcgBBakC1KerMPEWsj6oAwHIA5sEqgTrAU_QxvIRaZ2I-JaQQ01RKr1ZwAPJL9uTyKUOh8_u5ZyAd25f9WaVzAGrNM09FC-K_XY84pmg349w28KKaZlWqIT5gCFoevKCt8m4gLjVpF9UKMyMpoyiLfu_qNVLGA6v7NhGksM2R4SAmJt7zBm2OkEGw-HOt2S6144r81DhVOLU8mA7FwaXkTXrIXEhyy377h4rWLnfMZhT_IHi5y_FIsqsXb4uuDdOf4vZGMudvuOKh96NUqZjNyYMzviwXNy94nikmRHFQTUds0AFqDFFQpV0Re7SPpdMaHOGhjIObH-2woPpKsC0FLXKrgLABKi8j5bPBOAEA4gFh-aCx02QBgGgBnaAB9z-2ugDqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhuoB5oGqAfz0RuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WLH3h_GKoYQDgAoByAsB4AsBgAwBqg0CREWwE_D0yxbQEwDYEwqIFALYFAHQFQH4FgGAFwHoFwE

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7462 0
45 B 658ms
121ms Ping
image/gif 173.194.215.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=2~lsg8cpkv&c=8351794801839&slotId=4175897400919.5&qqid=CKCpkPGKoYQDFXDMFgUdn8MB9g&fb=outstream-lima&ulv=1&cll=0&met.4=arp_a_s.ty&vast_v=4.0&icc=1&icrh=0&icri=0&icrs=1&icru=0&icp=GoogleWhyThisAd&icdi=18x18&lima_p_ich=0&lima_p_icu=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.215.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vt-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vast Show response
bid.g.doubleclick.net/dbm/ Frame 7462 30 KB
17 KB 103ms
96ms XHR
text/xml 74.125.206.157
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bid.g.doubleclick.net/dbm/vast?dbm_c=AKAmf-A9mP69IVDMPT85NgRjUNz0lKm5HVwFF8-fr1ao2vpOUtR5N8KwgUlywcvhS1_3o1Hd7918OYaLc2FHypz6MOdwnTjkDg&cry=1&dbm_d=AKAmf-CGL8ecs6dhlZ_yQtJskoBkt2rVl54xPatysl9jT15D3GdXjY4BASbKqTU6f6I-aesqqwHlBEhDIX5MQixjpryyodrcH4mG77MN-kZbkueJ7ryVYq0kn6u2J5r-Lu3sgNKeazwPYHeLRxleaJGnhpSadC3XxwPpyoytvL8pMlVa8qkQWd4pt-jfgvD782zo3Pp864fe9lsNBu_QOva_Kx7Z5VucLgwcPVxDpfoEheYX_Hhr25Eg0AllQLIrlWZqEOsHjUx-NnSpt__LGsQPsvPdDRKkD1nvLghihJtufm2eKIMWKmHStzpHB0njdLfQ7FsBOnbpQNaQ9rgLvUUqdhFJeLdElCMsDv2EQOwjiWR1168FSU3uE6YY1JAkOH7FNN_FJJQMxFYB2HuZuMZDS9ZFlKpjib0U30OueE0SGX7zDoaUSTM4eCFlCT32PQknGpfnU6BL7OBdiemLvKBqtauxleYsRGfZ12tHUuCMMymcv8ZejLCn7_AYf2Xdx62fEfoLy3-arCZj3FESVF1NHxmxKaKfx999yKtk8ruuQ0xuwvCrE6ZU3M3lPUeqMZaYbgdFefP4tv7yjrW_MRetblvkzIwrlb_uJmjhmbPCtLUpb7t2Cyv3X0gPTMc2A79KezaNOztF7TL28wciBdT_r073nVjfnd5AULYSFnZCAAKYxPSlczghrDzVSxANBK2HwPl8_4Rf-PoIqkCM4wbELCnwnNjOonxLRxrSJD0_OcHtb1L8gI4nZdGTFzozxsiE9ONPDspRwgOmd7IY9bZgjd7P6kL61vhNEPQjGYNLOjOdE-7ot1YgOZc5IYA-R2n0cbQEo6rHXAnJedNtrgfDiRy71LnYS89XR-ytx6AFiX_rvjna0T5qB-UWCuHX9pg0jbWogA0YtqsuhjN1SlHxV488TA8sLvnSStcOwB1sKPNxvMFVd5_BHr6kyUi-DTIxmThNiMf5CIaAvqbweg_kRCyGTeov3T8u4ROXHKn9XIGcI4nXadAeewNERxVvauBp-AKJ37VwSsvf_qkH6A4qle0iZszg0rBb29ITgLjy-bBFWD1Aesj-YsubaEEjyzVPxeVe8aTx8VEMvKFExTOcYsJI5Uqgy3BSMNt9nlVYfOC8ZZc3CJLllVgYGCGKyudQLq7RONbGq23Yb2RXLwDsbiK9GNGNNWrPbYOV1sXg4sAJn7a-qhSJ83DxW-f0uY3QEp2NXZNm7Exrb02fHANLZZIwAWdFosVO2N9AcslKNtxoqy_XfG8W_y0RVaTHnMUzERgf0t9GssyMjRKXAjV7GTpz0OyVJJcPLa2u7ZF3FZUic3iaAuDb8B4AQdu0uWs0_Er1OoriH60LIWfMWi7cgiqUiLfBP-1EvuvRBh4hjn56p4spYfryJTo_ecyXZMSzYT514vOdejyVB3PHVvMpopR3WLGcoZSKcYcFo1vf4zC1Tb92LnT7QuHgdRVz5K1WAmciUdyyJOHx5wWCo2epxnFtrh-NN8oknf_lvcmUzXLSUkAFtsg4odB5hlMc0Ggbxv1kUQmtdYWjHnW01iYqCY_6TpE7nO5zmcmRqRJ-KVqa7BN4iAmdyenA3P2-i2BDZOIbN8kVcApPRYjzh2P6dnf97ULGhkLWVJTF4qTnZqlezhYKCLU8DyEeuY1tuia23sKo7zpGOWwBz4agoZErnQS7dYwJfJFOYTkVMMXZMcH0Mgmgr6N_zyEezunt_SCU6wOyCrcb4aC0Jyvd_JKSw8mojhgUJEV26-o_1b9jbgwQwOKb0tsgPwvBDw9siP-HKYVorZnMEM6ikCX9O4ScwKf1o9-faFlHwfucA83_JiWF9R7WKsFYXtvkKVff-x74XNVEq2P9L3AK-S7qI0ANUq0HpsG1ySw2papopkuUPO9x484HzW6eU8GWnTtQuxLZusIUczqUS8-GWakN8Ft9aq3Ju3bGhos5dtxeU7v69k6KLapOW_ntNsQbkIbnaJtRLrxmM-kFKmIQpONheRfHDMtmIhvnr70rA5Nc9weGyogiEvPAM2rqdwpSEXIyPmKGQBAiv5wSFGFSUG2BSMuwaiw56xNwsHl3UtDHrPCk0D4882ISYKJRia0U2YdvqlGsJCuBXl0KUn6bMruJwAwvtMPawkLbtkdkHaqu7I_2xWT2JfgANq86YFF1ifGcakR2FE58cFrwAt6uvKx7Z4w8y1yeLVph7H_UbVf6qIBF0HWnLLtJWwrJEpo7n3xmrccB2hckn_k1h3J5EwFJXHQARPK6bxRtgVV0DnUByyisIsSAFSKCU7WewxOg-XKXqCYlNoH3Yg5kKR8RPYrL4GeJXKtYv787RkNMist36SXIpEFdekVabg__L-hkMNeJWrKR3LOZIhJluC3ft4KxO5lox_S4o6c7zcJslnFcUFO7WQQm_rC6fKCc83BWH8f9t3LcCLIHZ2g8I5CUDa_2jx--wPJIUzcbvc6OwXKpywfzWaBXqHqoMe5l1xGfADWTRQz4EZMokjEm2PEoXCQA0HVlyQDIOkqNw1py3cJ2bNbnMYyF3zxXCuIfGe4FN4Ci-c-C2jZ-4TMbM-CXvC3ALlpYIYEfnZl10ioDN0a2qp5-dPzP_ymf9gUttu5fnXddI7H_CpSmuQCrqlDlaz8UydsVAIn9jpQdcXz3ULJ9KtWHyCZtJkKfA6onmzaOdfNVVHiRXS4PFw21t0GslC1PzJ6HooGqH0cyr4KbZsUVmIK-0f4N_FK5uWWqVdDStH9jfE3gXlhhAUpmTAbDMGv340X9-7b6sH3TJ2sLzoZBXbMpvWfH_tdxY_-YEonqXg7q7bD37fU0EewV-lkGud1t-y-hxBoEiaTznyP6em_dWxP6qk5sGykMwfE__vuGZGzBY5s_eCb-uaayX50ai77gW75shJWviw11xsOoGuDjA1SPNOL9-f5li6FhDHjhlUL8oHvb_oghZY5liw0puDPOfsaA34p_jferRZxYTqXt5aItAEG3FiPCVNhHseyxCaFitydsdSmisGB5AnuFuHZRigGKK__LrKpgrYq2G3Y2ooTV7ia7NMcHHByiZV6jLlZx2-_r5SKEd9uuK6BE9_1I31cV_tLkm7MLzpAjudDYhP95-ouY81te490r9JKFFdPFAL-t0o0-IRQOvee_zV9IO6MKM_B55oxygO2UixqDfmqFBXaIiywPxJbOyJqIqjiQ5QK67olj1p0NxiHrQpvL1CegKfkED1cXiioES7r4SQoCXD2FCWXAJ77Si_l2z3iXmqEFXlOC8TDxZmerFWYdJVubC_GqzOYdmiH6SMMaKfkTi9swn7fEKKZFXBH3xNqE_eHP-PwyYLTwzxeY4dY_HqoziSUKMrXJEnEFdZzAIUypOi8SVsUCGAgbgO0vcxT3q25LSEq15E03bVGX5Hdu5-Z1O2HxREhxTLLB6Zq2W3ZSvwbqSZ5MxZE0r9Ce1kbC5o1If13PQNtvSNJpMOFnKnWiF3a_CCTRvcNCvE3F7F9Uof9PCNpRsleLmEuQScgiKG-_-y3iAFvzaTsz4bqBSApdfNDMPV0EQB0MsErx8oTj_xyYQUB72QDtBAYPBNGjO8vcCSO0bsUyEssk-KbnH47p_zFQMg74wS-4cuPsjbnVDDsBIfKuqlfkdCHsNhyyVW_O8AhZmekZL3ZZf2hRfGlSd4zd_gOyQA&cid=CAQSOwAvHhf_gfqDO3eofMaoXx0j707EBaqIULAthjhp86EjeAtMsEIIfO64qN1QAiISbS410b3EVrw01njiGAE&sdkv=h.0.0.0&osd=2&frm=2&vis=1&sdr=1&nel=0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

74.125.206.157 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

wk-in-f157.1e100.net

Software

cafe /

Resource Hash

72f1b28ecce84ae3d826592d42dc3b03b434759b60297c48a1bfb78dd49bb439

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17349
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 7055 1 KB
758 B 22ms
22ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 10 Feb 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 7462 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bd8f3349ff47d0abea8e7382c80b61ebd29489dd57c9392a1351c4705aff413

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame FA7D 1 KB
677 B 20ms
20ms Document
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 80196
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=86400
content-encoding: br
content-length: 618
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 17:10:44 GMT
etag: 48472445140208031
expires: Sat, 10 Feb 2024 17:10:44 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame C2DB 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 65a76dc03e29a647859195d7c4c8bd08fc84843a8117646456569ceedc869b6f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

/
r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/ Frame 7055
Redirect Chain

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEN3TOm-w4-snfwUHPZy292g&google_cver=1&google_push=AXcoOmSX4E7-KStVS4Gnyp63aliiB1pgOZ_0gnT0Ei7ARicGhleq4z8cXi0DunPFlDDLcrnSc5JM9krrgF8ETW2imYT-Mt_9Ik-A_g
https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NDE5MzcxOTYyMzM1OTI4MTQ4Mw==&gdpr=&gdpr_consent=
https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBw4JmHx9FkPKfkagTegW24&google_cver=1

43 B
398 B

63ms
28ms

Image
image/gif

46.228.164.11
AMOBEE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBw4JmHx9FkPKfkagTegW24&google_cver=1
Protocol: H2
Server: 46.228.164.11 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software: /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 43
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEBw4JmHx9FkPKfkagTegW24&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 329
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 google
match.adsrvr.org/track/cmf/ Frame 7055 70 B
149 B 150ms
48ms Image
image/gif 35.71.131.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/google?google_gid=CAESEM3O8WaYEdGn0fxl7Fn4dmM&google_cver=1&google_push=AXcoOmSvWty4lfGyHH9iq1k5uo_o1t3-Fe80h3DaDU0FGcj9BSd0wI0K2drWhLvgIwv3nRka-mocTKr-qr4VlXM0Pd2YtKAgbzpSvw
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3157847563&adf=1199968654&pi=t.aa~a.362280133~i.7~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1915216740&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839113&bpp=1&bdt=1579&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: Kestrel /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
server: Kestrel
content-length: 70
content-type: image/gif

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7055
Redirect Chain

https://ipac.ctnsnet.com/int/cm?exc=1&acc=crimtan_au&google_gid=CAESEILjPCPhHG7gx4JHw6HY_Uo&google_cver=1&google_push=AXcoOmTh2Ro-EmL39gscVEu2gqu_cLSQZkdvOofMDwhDs_gD3AAZxTP3_D2gu58GqR6q7JNk_Hzs4e9...
https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTh2Ro-EmL39gscVEu2gqu_cLSQZkdvOofMDwhDs_gD3AAZxTP3_D2gu58GqR6q7JNk_Hzs4e9g43snz2cPm545WqwHudHSNQ&google_hm=kI7yue-URkm1aNP...

170 B
232 B

33ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTh2Ro-EmL39gscVEu2gqu_cLSQZkdvOofMDwhDs_gD3AAZxTP3_D2gu58GqR6q7JNk_Hzs4e9g43snz2cPm545WqwHudHSNQ&google_hm=kI7yue-URkm1aNPFyuGXtrg

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NOI DSP COR NID CUR OUR NOR"
status: 302
location: https://cm.g.doubleclick.net/pixel?google_nid=crimtan_au&google_push=AXcoOmTh2Ro-EmL39gscVEu2gqu_cLSQZkdvOofMDwhDs_gD3AAZxTP3_D2gu58GqR6q7JNk_Hzs4e9g43snz2cPm545WqwHudHSNQ&google_hm=kI7yue-URkm1aNPFyuGXtrg
content-type: text/html;charset=UTF-8
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame 7055 43 B
235 B 259ms
33ms Image
image/gif 35.214.149.91
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=google&google_gid=CAESEAJDFGRC0S1GSRT0PcstJwE&google_cver=1&google_push=AXcoOmR2TaA7cnl2sCFqQOn0OQx85VlrLsIn9oI4SSKbgsu5mWRIVLW7r93UfuHuK4bsnqPDYxv4KnWjDcvmBj2kvkK1kaIWQGB_
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3157847563&adf=1199968654&pi=t.aa~a.362280133~i.7~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1915216740&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839113&bpp=1&bdt=1579&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.214.149.91 Groningen, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS: 91.149.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 15:27:20 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 7055
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESENpeIJLT8gvWzsiWxsrZivk&google_cver=1&google_push=AXcoOmTpRWEpFPsSfWNzzLFTenTSKohiKeP2L44O8yMM36Ejzif_TcgCZniGcliqkpxQVz1FbnKp9kyEZoLExMUK_...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESENpeIJLT8gvWzsiWxsrZivk&google_cver=1&google_push=AXcoOmTpRWEpFPsSfWNzzLFTenTSKohiKeP2L44O8yMM36Ejzif_TcgCZniGcliqkpxQVz1FbnKp9kyEZoLExMUK_...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=Kh_HaOJXOlWxcqPkLhA0NjGrcAPjr2QN5d9cI69Zyyw&pi=adx&tdc=ams&pi=adxab&google_gid=CAESENpeIJLT8gvWzsiWxsrZivk&googl...

170 B
188 B

34ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=Kh_HaOJXOlWxcqPkLhA0NjGrcAPjr2QN5d9cI69Zyyw&pi=adx&tdc=ams&pi=adxab&google_gid=CAESENpeIJLT8gvWzsiWxsrZivk&google_cver=1&google_push=AXcoOmTpRWEpFPsSfWNzzLFTenTSKohiKeP2L44O8yMM36Ejzif_TcgCZniGcliqkpxQVz1FbnKp9kyEZoLExMUK_KZzjWSKbKdgxQ&tc=1

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=Kh_HaOJXOlWxcqPkLhA0NjGrcAPjr2QN5d9cI69Zyyw&pi=adx&tdc=ams&pi=adxab&google_gid=CAESENpeIJLT8gvWzsiWxsrZivk&google_cver=1&google_push=AXcoOmTpRWEpFPsSfWNzzLFTenTSKohiKeP2L44O8yMM36Ejzif_TcgCZniGcliqkpxQVz1FbnKp9kyEZoLExMUK_KZzjWSKbKdgxQ&tc=1
pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT, Sat, 10 Feb 2024 15:27:20 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 0
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 usersync.aspx
dis.criteo.com/dis/ Frame 7055 43 B
363 B 466ms
189ms Image
image/gif 178.250.1.9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQ_yDBNKLVShA5c06ugLZPloA-gRsZaOIbdbXts5HUZ4quX3OZDL6BeeL2uyLWkYn3uGWo6rP7SFGWWp5qU-ajawcpYZPu5ew&google_gid=CAESEIret9AxAfV7sm0mZxVonvA&google_cver=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
x-errorlevel: 0
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 258785
expires: Sat, 10 Feb 2024 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 7055
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEJZEITT_-0c5aUt9ghK2Dgw&google_cver=1&google_push=AXcoOmQ1uMTZL-af9Jiiio5Wo9zTp_jR6akzZb8agdeM8FsvmGDmIjnXo1RtwHh9cTrkpmC6yaGd0lBQ2p2l...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ1uMTZL-af9Jiiio5Wo9zTp_jR6akzZb8agdeM8FsvmGDmIjnXo1RtwHh9cTrkpmC6yaGd0lBQ2p2lEWbgn-voSlMvsgtmsg

170 B
329 B

36ms
35ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ1uMTZL-af9Jiiio5Wo9zTp_jR6akzZb8agdeM8FsvmGDmIjnXo1RtwHh9cTrkpmC6yaGd0lBQ2p2lEWbgn-voSlMvsgtmsg

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmQ1uMTZL-af9Jiiio5Wo9zTp_jR6akzZb8agdeM8FsvmGDmIjnXo1RtwHh9cTrkpmC6yaGd0lBQ2p2lEWbgn-voSlMvsgtmsg
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 7055 0
139 B 89ms
30ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13JN_kVSplozMbqUlWbU3Y25khTUB5iS7FykkJ6kCVR1UiPQ7iTnmPR1urEYXmreo3SDU4Kd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 dpixel
cms.quantserve.com/ Frame FA7D 35 B
463 B 385ms
26ms Image
image/gif 91.228.74.244
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESED7Z0gQ-s3UUG1T2HRlmgVU&google_cver=1&google_push=AXcoOmQoWJm-4ZtxKp4TLM5fE6nubja_Pb-k-m3DI6jUiLsIV3TvztjN-BeKbO74f7oMpGg2FQBnoOMEINWRDTpbkKee-79RNMMOtDo

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

91.228.74.244 , United Kingdom, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 204 current
dclk-match.dotomi.com/match/bounce/ Frame FA7D 0
104 B 545ms
118ms Image
text/plain 63.215.202.172
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dclk-match.dotomi.com/match/bounce/current?networkId=14000&version=1&google_gid=CAESEOkYcOuRflOb1cprqLul900&google_cver=1&google_push=AXcoOmRQ7Gc-M_PEEvykd9YOZYNdpgWcLmvTr55HgjIYiXZ4QA2Zc3FH90fsvDnKoLdNwfg4GS85b88ACN83o0JG9KziviEtLGukCJ8
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=93411971&adf=2831361282&pi=t.aa~a.3541775406~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1592&idt=-M&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 63.215.202.172 Amsterdam, Netherlands, ASN41041 (VCLK-EU-SE, US),
Reverse DNS: ams05-nessy-float2.dotomi.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FA7D
Redirect Chain

https://um.simpli.fi/gp_match?google_gid=CAESEKrzECzIp3wCBJWr59k-AmY&google_cver=1&google_push=AXcoOmS1UyvmJ04-udrOw__g0oMUxSByR6MUqbrJ_dpAZhL4sABHhV-CXewjYZ_tsSGtA9sq9LbRqNxz01pUtYNFLYV5bZ4By7QEPmQ
https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=257392C670464D7A947F2E5F771BE62F&google_push=AXcoOmS1UyvmJ04-udrOw__g0oMUxSByR6MUqbrJ_dpAZhL4sABHhV-CXewjYZ_tsSGtA9sq9LbRqNxz01pUtYN...

170 B
232 B

33ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=257392C670464D7A947F2E5F771BE62F&google_push=AXcoOmS1UyvmJ04-udrOw__g0oMUxSByR6MUqbrJ_dpAZhL4sABHhV-CXewjYZ_tsSGtA9sq9LbRqNxz01pUtYNFLYV5bZ4By7QEPmQ

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Feb 2024 15:27:20 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://cm.g.doubleclick.net/pixel?google_nid=simplifi&google_hm=257392C670464D7A947F2E5F771BE62F&google_push=AXcoOmS1UyvmJ04-udrOw__g0oMUxSByR6MUqbrJ_dpAZhL4sABHhV-CXewjYZ_tsSGtA9sq9LbRqNxz01pUtYNFLYV5bZ4By7QEPmQ
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Fri, 09 Feb 2024 15:27:20 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame FA7D
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEOXl2tMkEMuMlmCn9DowyKI&google_cver=1&google_push=AXcoOmSNkgiapIT2zw3_pufyclYiJfZxbylHIEUOTE6BWlAshcuStbuiUR0iGmxJbH-BBPYRKaSzaCur13QqYrq5d8QxNWT...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSNkgiapIT2zw3_pufyclYiJfZxbylHIEUOTE6BWlAshcuStbuiUR0iGmxJbH-BBPYRKaSzaCur13QqYrq5d8QxNWTNlGl17NE&google_hm=eS1ETm5ra0RCRTJwRlo...

170 B
188 B

34ms
33ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSNkgiapIT2zw3_pufyclYiJfZxbylHIEUOTE6BWlAshcuStbuiUR0iGmxJbH-BBPYRKaSzaCur13QqYrq5d8QxNWTNlGl17NE&google_hm=eS1ETm5ra0RCRTJwRlo5blhzVklyR0F3by43aDVpSnd1dn5B

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 10 Feb 2024 15:27:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AXcoOmSNkgiapIT2zw3_pufyclYiJfZxbylHIEUOTE6BWlAshcuStbuiUR0iGmxJbH-BBPYRKaSzaCur13QqYrq5d8QxNWTNlGl17NE&google_hm=eS1ETm5ra0RCRTJwRlo5blhzVklyR0F3by43aDVpSnd1dn5B
content-length: 0

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame FA7D
Redirect Chain

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESECZ8lZ8oJJyixZ_1TZakBDo&google_cver=1&google_push=AXcoOmT3aX3kG0YyJDMcKndKkBU13153O3mTETXxqFmyme6C6Iy2c6KqOAlSeybUnfQQwfkjzW0GHVeIYCU3...
https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT3aX3kG0YyJDMcKndKkBU13153O3mTETXxqFmyme6C6Iy2c6KqOAlSeybUnfQQwfkjzW0GHVeIYCU3N8gKqijN2CLNZNx2WlI

170 B
232 B

34ms
34ms

Image
image/png

142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT3aX3kG0YyJDMcKndKkBU13153O3mTETXxqFmyme6C6Iy2c6KqOAlSeybUnfQQwfkjzW0GHVeIYCU3N8gKqijN2CLNZNx2WlI

Protocol

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmT3aX3kG0YyJDMcKndKkBU13153O3mTETXxqFmyme6C6Iy2c6KqOAlSeybUnfQQwfkjzW0GHVeIYCU3N8gKqijN2CLNZNx2WlI
strict-transport-security: max-age=15552000
cache-control: no-transform, no-cache
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
content-length: 0
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'

GET
H2

200

cm
cm.creativecdn.com/adx/ Frame FA7D
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmQBh-_f_q5G_zfqA9tlCuN63pBVbyKhNx04r1K-smhGm5mHuDDvy8eYUnLVZIh1jWvyflCRg2EDDQkgNvIls...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmQBh-_f_q5G_zfqA9tlCuN63pBVbyKhNx04r1K-smhGm5mHuDDvy8eYUnLVZIh1jWvyflCRg2EDDQkgNvIls...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=Kh_HaOJXOlWxcqPkLhA0NjGrcAPjr2QN5d9cI69Zyyw&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&googl...
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5

42 B
260 B

92ms
30ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT, Sat, 10 Feb 2024 15:27:20 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cm
cm.creativecdn.com/adx/ Frame FA7D
Redirect Chain

https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmR0RLd5G9aFJJgh8ddIF6MySLGtscoIS4TTO6i-hk2qWRZUY3YZspIbA_As1u2109SuppIUAmdU2h1YWIo5E...
https://creativecdn.com/cm-notify?pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&google_cver=1&google_push=AXcoOmR0RLd5G9aFJJgh8ddIF6MySLGtscoIS4TTO6i-hk2qWRZUY3YZspIbA_As1u2109SuppIUAmdU2h1YWIo5E...
https://cm.g.doubleclick.net/pixel?google_nid=rtb_house&google_ula=5153224&google_hm=Kh_HaOJXOlWxcqPkLhA0NjGrcAPjr2QN5d9cI69Zyyw&pi=adx&tdc=ams&pi=adxab&google_gid=CAESEAEybYfLHMHcPyPoGEK7cNw&googl...
https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5

42 B
260 B

92ms
29ms

Image
image/gif

185.184.8.90
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
Protocol: H2
Server: 185.184.8.90 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-90.rtbhouse.net
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT, Sat, 10 Feb 2024 15:27:20 GMT
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
content-length: 42
vary: Accept-Encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://cm.creativecdn.com/adx/cm?v=2&pi=adx&tdc=ams&pi=adxab&tc=1&google_error=5
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 298
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame FA7D 0
40 B 85ms
31ms Image
text/html 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IxbjR3uS6thZ4pnvcPHNxTMBSvO_tUATfVCDEA0I7vAUYse2vuGBOb35rpHuP3vChaM4-XWw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame C2DB 0
0 91ms
91ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CfREN15XHZcODEu3M29gPqZ6zyAbpiNbTdduWv-SdEpfW1qq8ARABIKLr1w1glcqbgqwHoAHcxoqJKcgBBakC1KerMPEWsj6oAwGqBOgBT9DDfYj0t11Ph-fLlS-OTXW-_bdwGi_lfyduFziBVo2_uPvusAdl42fANZ7xoMywC362bUoT8kH-TJdJ67mbKYv_tm9PulS1_Y3wmUD1QI6wp7CYVzkFR3WxYkynq8akiB6rhBrRmyHSGXTMp-NpGcI-yrjQJ4HqHDdmWUr5mS9Bla_d1PGP_NCblm96qPPxlnxUJgiNCnvK6VRps7ajyjnJe0FLHPhtnK1lNxf7nfKqRgd29j2ryOBb1gRRy-bsaH8w0Ky3Dj4IZd1QOmwYOoMNKPueyYbvyEzEMqyPRxpT9s1rh7tkvcAEqLyPls8E4AQDiAWH5oLHTZIFBggDEAIYAZIFCwgiEAIYAUjE75gCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfc_troA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKENetGxipiv3_AdIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WMOgifGKoYQDgAoByAsBsBPw9MsWyBOx7pLkA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yNDEzNjkzMjg0NjYyMjc1GADoFwE&sigh=bFt3la53D9c&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwAvHhf_bJE3X-YZuaXUVPrLKGxoCcetWQ9WVXlmdHpxahRWe2K8Ea3LblkgOYuBmb8CwOhHiIRUauryGAE&vt=10&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=93411971&adf=2831361282&pi=t.aa~a.3541775406~rp.1&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&rafmt=1&to=qs&pwprc=1915216740&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rpe=1&resp_fmts=3&wgl=1&fa=40&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839125&bpp=1&bdt=1592&idt=-M&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280%2C1110x280&nras=4&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1868&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=4&uci=a!4&btvi=2&fsb=1&dtd=9
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7462 0
0 85ms
85ms Fetch
text/html 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CMsIV15XHZeDhEPCY29gPn4eHsA_piNbTdduWv-SdEsD48cmtARABIKLr1w1glcqbgqwHoAHcxoqJKcgBBakC1KerMPEWsj6oAwGqBOgBT9DG8hFpnYj4lpBDTVEqvVnAA8kv25PIpQ6Hz-7lnIB3bl_1ZpXMAas0zT0UL4r9djzimaDfj3DbwoppmVaohPmAIWh68oK3ybiAuNWkX1QozIymjKIt-7-o1UsYDq_s2EaSwzZHhICYm3vMGbY6QQbD4c63ZLrXjivzUOFU4tTyYDsXBpeRNeshcSHLLfvuHitYud8xmFP8geLnL8Uiyqxdvi64N05_09j6Fg5UjRhDd2gRHYYtl7aOTwp9bgfDyjblNM_iPzSr35YKcfLaSltr9iyvNW3a61mpHhaq40uBOPmw867JmsAEqLyPls8E4AQDiAWH5oLHTZIFBggDEAIYAZIFCwgiEAIYAUjE75gCkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAZ2gAfc_troA6gH2baxAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcKEP2sDRipiv3_AdIIJgiA4YAQEAEYHzICqgI6CYBAgICEgICECEi9_cE6WLH3h_GKoYQDgAoByAsBsBPw9MsWyBOx7pLkA9ATANgTCogUAtgUAdAVAYAXAbIXHAoaCAASFHB1Yi0yNDEzNjkzMjg0NjYyMjc1GADoFwE&sigh=nxkfnk05Bjk&uach_m=%5BUACH%5D&ase=2&cid=CAQSOwAvHhf_gfqDO3eofMaoXx0j707EBaqIULAthjhp86EjeAtMsEIIfO64qN1QAiISbS410b3EVrw01njiGAE&vt=10&cbvp=2&vis=1&nis=5

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra02s19-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2413693284662275&output=html&h=280&adk=3157847563&adf=1199968654&pi=t.aa~a.362280133~i.7~rp.4&w=1110&fwrn=4&fwrnh=100&lmt=1705172444&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=1915216740&ad_type=text_image&format=1110x280&url=https%3A%2F%2Fcryptext.eu%2F&fwr=0&pra=3&rh=200&rw=1110&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1707578839113&bpp=1&bdt=1579&idt=0&shv=r20240207&mjsv=m202402010101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x280&nras=3&correlator=792926952549&frm=20&pv=1&ga_vid=69353782.1707578838&ga_sid=1707578839&ga_hid=952785444&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=245&ady=1222&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44808397%2C31080793%2C95324581%2C31080873%2C95322184%2C95324155%2C95324161%2C95324264&oid=2&pvsid=2776398177361922&tmod=2111526080&uas=0&nvt=1&fc=1408&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=2
Attribution-Reporting-Eligible: event-source
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 67ms
67ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240207&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

1b011dac11ae96ace3b5415a4fc62c69408f0b7625cbeba71a4030fc7488ea92

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12323
x-xss-protection: 0

POST
H2 204 csi
csi.gstatic.com/ Frame C2DB 0
45 B 574ms
121ms Ping
image/gif 173.194.215.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsg8cpks&c=6351404919509&slotId=3175702459754.5&qqid=CIPLkfGKoYQDFW3mFgUdKc8MaQ&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.215.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vt-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame C2DB 41 KB
15 KB 25ms
25ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 02:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:38:11 GMT

HEAD
H/1.1

200
OK

file.mp4
r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C2DB
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

432ms
23ms

Fetch
video/mp4

74.125.162.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7093135F28000C8A948B2B412A5AE6345639042D.015D576415929236C2FFD3E054A4441B2F30EAA9/key/cms1/cms_redirect/yes/mh/aM/mip/84.19.175.184/mm/42/mn/sn-4g5lznek/ms/onc/mt/1707578140/mv/u/mvi/1/pl/21/file/file.mp4

Protocol

HTTP/1.1

Server

74.125.162.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s17-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 15:27:21 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4960007
Last-Modified: Wed, 29 Nov 2023 18:13:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 10 Feb 2024 15:27:21 GMT

Redirect headers

date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/7093135F28000C8A948B2B412A5AE6345639042D.015D576415929236C2FFD3E054A4441B2F30EAA9/key/cms1/cms_redirect/yes/mh/aM/mip/84.19.175.184/mm/42/mn/sn-4g5lznek/ms/onc/mt/1707578140/mv/u/mvi/1/pl/21/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame C2DB 453 B
594 B 55ms
54ms Image
image/png 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-2413693284662275

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
expires: Sat, 10 Feb 2024 16:17:20 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7462 0
54 B 544ms
122ms Ping
image/gif 173.194.215.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=3~lsg8cpky&c=8351794801839&slotId=4175897400919.5&qqid=CKCpkPGKoYQDFXDMFgUdn8MB9g&fb=outstream-lima&vast_v=2.0&vmfc=11&vhc=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.215.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vt-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 HdsydzJK.js Show response
tpc.googlesyndication.com/sodar/ Frame 7462 41 KB
15 KB 27ms
27ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Tue, 06 Feb 2024 02:38:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 391749
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15407
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2025 02:38:11 GMT

HEAD
H/1.1

200
OK

https://gcdn.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/ip,ipbits,expire,id,itag,source,ctier,acao/signa...
https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,ita...

0
0

433ms
24ms

Fetch
video/mp4

74.125.162.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/48795B3F6454C1EE9D51D5380EEAB9E8AC12BAA0.2FF63B8A0355DAF2217BFD81E27856EC307A143C/key/cms1/cms_redirect/yes/mh/aM/mip/84.19.175.184/mm/42/mn/sn-4g5lznek/ms/onc/mt/1707578140/mv/u/mvi/1/pl/21/file/file.mp4

Protocol

HTTP/1.1

Server

74.125.162.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s17-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Date: Sat, 10 Feb 2024 15:27:21 GMT
X-Content-Type-Options: nosniff
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4960007
Last-Modified: Wed, 29 Nov 2023 18:13:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: null
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: null
Expires: Sat, 10 Feb 2024 15:27:21 GMT

Redirect headers

date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 643
x-xss-protection: 0
pragma: no-cache
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://googleads.g.doubleclick.net
location: https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/48795B3F6454C1EE9D51D5380EEAB9E8AC12BAA0.2FF63B8A0355DAF2217BFD81E27856EC307A143C/key/cms1/cms_redirect/yes/mh/aM/mip/84.19.175.184/mm/42/mn/sn-4g5lznek/ms/onc/mt/1707578140/mv/u/mvi/1/pl/21/file/file.mp4
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: https://googleads.g.doubleclick.net
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 help_outline_white_24dp_with_3px_trbl_padding.png
imasdk.googleapis.com/formats/wta/ Frame 7462 453 B
514 B 29ms
28ms Image
image/png 172.217.16.138
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imasdk.googleapis.com/formats/wta/help_outline_white_24dp_with_3px_trbl_padding.png?wp=ca-pub-2413693284662275

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

zrh04s06-in-f138.1e100.net

Software

sffe /

Resource Hash

e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 453
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 14:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: image/png
cache-control: public, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 10 Feb 2024 16:17:20 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 435ms
435ms Script
text/javascript 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 10 Feb 2024 15:27:20 GMT

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame B2DB 23 KB
8 KB 20ms
20ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 06:13:12 GMT
expires: Sun, 09 Feb 2025 06:13:12 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 H0ZEmIz7.html Show response
tpc.googlesyndication.com/sodar/ Frame C325 23 KB
8 KB 20ms
20ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/HdsydzJK.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 33248
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: br
content-length: 7799
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 06:13:12 GMT
expires: Sun, 09 Feb 2025 06:13:12 GMT
last-modified: Sun, 25 Jun 2023 02:58:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js Show response
pagead2.googlesyndication.com/bg/ Frame B2DB 51 KB
20 KB 21ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/lNhlv5sea-oDTsdMVC1Eb9NbJKPPeymnKy6ovSZ5Mj0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 16:47:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 81595
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19987
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 16:47:25 GMT

GET
H2 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame C325 39 KB
15 KB 22ms
22ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/H0ZEmIz7.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:34:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 23:34:14 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B2DB 0
47 B 56ms
55ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BqjFR2JXHZcfZDaiw9fgPnKekoAwAAAAAOAHgBAI&bg=!ExClEF_NAAY9UbWqHVE7ADQBe5WfOLbf0KpDKMMXNb9YXX2DnZUxUYMgHoD4xPC70eZk9EsDtKuESJOegXpqS54HmvQkAgAAAEZSAAAAAmgBB5kC2y82Dhwjib7n0VALU9f_J_jed1onVYoEk8sUwOX9rXj84kjBjTwuAUnoZPhuZyaAqggowMzC_vyXuH3EFiJf-GRsl2-yJ9wBfTSFn6mrUGRf65-AEY8w8rfLmW9Cx0pJqLf2mfTx8ROeTkmZoByX7CFKeTPLytjauXzK3L4HGimm2Ftg-rHGejqsX6xYo-UYZpjnh45zj30LjLm2X35bjVw7ZuknLw3revD0sMMX_-ctNOUm2sD2sR5nMd-FIcZcQQdql3HoFQc70pr9Mt-RL-3S2egReVgRFlmlUtv1YwYNZ32KfbYj7fi6fftKaS7kiJ3vRM-swBqY4wOoYmGSRlzF5tisUx1f6LtipECSoh8z2o1ziDAQ-yCE_rGNXbQXSODnMFE-E38MB0JM2sgpjs1A8oYd4W9ldNMqR0gTOpIoxwdrlMetZKnlicmvFNB5ICfdK39gdTy1pj1ArN_DZOEcPcLmD2s71XIFU84YWpukn3YfUKNB70G_YK-IJfofREfvpLe2Ny3zEOgRB9lu1rhJPrq3nVRBPjrlxIHmcrlYaTwFswHi1H2nhyNtkFEYeDojDZFdK_JMH901pTkRZfi_UtivlQowuZdEFu25YthRnSuPgRIoAgmejBP6OL9BZC2ZtrSb7qnodqdjRBlaCQ7wSy33zpmiGMZoDhk7mt-S2FXoUOd4l8yHjrTNKadVt4tdAiI9WaF11kYofgj8Z1jRaO1OB11XGPXI0xA3A3tYGzBFnD7kAsHF9sPL3cBFYAyHczox-rLVPUabbMnc-AeyNkYsy1zTX09Yv_bVq71uZs_GP_04bZlmufcuVKIqi-FHRdOCDjKECOMY3CdoyXcEGyKifkgdKXOnh9uH2kC1hy15kFLQ_NuhOL0bX7a1j7nrtiQIWxa9DiUinPOTe06zTyKygZ6p5lqGlK1DT01224e_ugtZ3N052B31yCf0ODGwkDrMAUiMwGxP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C325 0
47 B 59ms
59ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=34&t=2&li=v_h.0.0.0&bgai=BD0WC2JXHZbXRDYCmnsEPkoSpUAAAAAA4AeAEAg&bg=!lZalltnNAAaxkZ3akZE7ADQBe5WfOInG3uqvQZ3b9ZLO-aDou_-ASq-JlLQhZIsP9oSf-NTfQe8dhodpERb9vkI22CwhAgAAAD9SAAAAAWgBBwoAUhr7eu0rj15w6IEJid_8nQ8XhaVVgtUkQVjTeEnEe1uYe5extynYLn01IvAhRUjphjliWcXwgE9qnwbVWnYV3-vNwHti3bDCSb-cfMtrTduOp9OZAuLL6kOb9LXsNfa44vaW6I2UVu2SmchGC_o65nDMwmveOxyiL7qWZBErJUzmfE7_L29xgUPvgJiqXgPOCJDyEv0CiRF041Ncj7EeJL3HKlF0uz1v6ynjDYE9cvcj1slbNRvbQ558Mnh1QCxOMpEduyBFdtTbOw3CimhgIp0cDmmHMcRSZ7DcOjbjpEhUaNciwyzp6atXJ2lvfl2k-z3x_NIFaskbwgzTZtYHU2vosTFyFNZlkswzB3dhdE2prbvi3NxFpuRhVnrPeUhw3xCfDnIEYH2GucY2r0Yz7nlCXfzNnPUvEKHeusSBVHSXkDYweHes2aQWbUg2oHwVP695T1_KmQzfzC4wqgFwyuyatcbf4rc5FtT3n9vKD6pszV_gPnaucVJXuphF0X3CWCrPsp2FHLYwsawB4-C0SWKBPOr-tClgr2dYlQo9VpvT25TX7YDTq7pcVvfilLs5l95_eJBt6jIrxmkKDXRHT448He_YPVZ_2QTuOZNVd2kzIvpBY66sjmIvIpzgYBYpA_w1PLDtdIY42AafpuOhemNogXA2sq4CffvQ97KFLxVq71dEnWKHm5z2e_2hUW1fuyBIvZ94bpoqL4C3Yr-CUL3fRbBswLcEFHNUASWEEwLv-el4Sv5aTWqHP1KS3OEdyjxjI9hAmL3pE-0AJGDVCZl6CDEanJ-WI8iXVLYLWl8xQfIzuEo2kr5o_OQ8VvT9g1avL23miGH94itPcfVVepNc-iFU19aMiz1Izh-kchY0zZfZ0Nrdosp5w75IV9BBh6Bxds_t6URlpS6d-ArTKrVJl8E4jOcTTNXikXhjSG7SSrAsd29Ty9wvK-4Q95ov8hDYQuBLZPw7j2ps71ndZ5c_pvpw4KgkZjymfCY3t_Pww_U-b73SuT43OW0AGTxuWqTSUiiUHEi-EbeEw778k-mDSqdkiEaGKn2AZbdI5VmSmMWpqCGoRRN-CtgZDO2Cfeawo8iZIC4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0B8C 13 KB
5 KB 24ms
21ms Document
text/html 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.161 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f1.1e100.net

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 85442
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 09 Feb 2024 15:43:18 GMT
expires: Sat, 08 Feb 2025 15:43:18 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4183 829 B
1 KB 35ms
32ms Document
text/html 142.250.184.196
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.196 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s11-in-f4.1e100.net

Software

GSE /

Resource Hash

2b9d03bce61bd805abfc082b97180958d0df7267b54fce9201b02ba0b0795c3f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5lIaFJyO5gHiRbu3awzKww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cryptext.eu/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-5lIaFJyO5gHiRbu3awzKww' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sat, 10 Feb 2024 15:27:20 GMT
expires: Sat, 10 Feb 2024 15:27:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 127C 42 B
174 B 58ms
58ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuR14_Mv7x2n2fOn9fhC_z-4PsG0lfxHiDl1iKk_B_O6a2B81NU5eW2WP0qazPDquHhxKOAU2QqSXx44yzVfG9Zo9VxJLrLOrEeB2uMCcquthCupnXUy7CRhJDAiErUda6lA0yAOiHDUl8S4IxQg3buLLc5F5D0vSi5J9F2hbfIKV5zHLojWZ_pR3sIY3Ji&sai=AMfl-YRkLiQI_OayRkFoy5TETRRqI8h28ishXtgbM4aYgD3UmL28uAY9dzjGycRQnbydmy7jc5TO5rInGAC2qnjSN_8w5ha-3Rloxt7Mh0rP6y_8I3FF31tqu82tqLPvy403dChpn1SM2SHRSTxJ-2No&sig=Cg0ArKJSzPvO-7hpmUvXEAE&cid=CAQSTgAvHhf_CguByb5ZeRG0zoXAuxwlpnAFE561BLQ7ISFguCZuPIbq-UKuosBSDr2hlrmQCrHf46MBOVzbnX0LELWnNZNomrsXRoeZoLHzDhgB&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240125&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=22&adk=3809598800&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=170757883900&rst=1707578838579&rpt=1176&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/m202401250101/ufs_web_display.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B8C 39 KB
15 KB 20ms
20ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/s6Lo-ySsTFszeicWuLCsm9BIHYA2isJaSryvoQutTtY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Fri, 09 Feb 2024 23:34:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 57186
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15173
x-xss-protection: 0
last-modified: Mon, 05 Feb 2024 17:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 08 Feb 2025 23:34:14 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4183 0
0 53ms
52ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240207&jk=2776398177361922&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

GET
H2 204 generate_204
tpc.googlesyndication.com/ Frame 0B8C 0
41 B 20ms
20ms Image
text/plain 142.250.185.161
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?h4-oRA
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.161 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s51-in-f1.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

date: Sat, 10 Feb 2024 15:27:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1 206
Partial Content file.mp4
r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame C2DB 133 KB
0 326ms
25ms Media
video/mp4 74.125.162.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.162.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s17-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 10 Feb 2024 15:27:21 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-4960006/4960007
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4960007
Last-Modified: Wed, 29 Nov 2023 18:13:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Sat, 10 Feb 2024 15:27:21 GMT

GET
H/1.1 206
Partial Content file.mp4
r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip... Frame 7462 133 KB
0 671ms
25ms Media
video/mp4 74.125.162.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r1---sn-4g5lznek.c.2mdn.net/videoplayback/id/99abf5c448331623/itag/347/source/web_video_ads/ctier/L/acao/yes/ip/0.0.0.0/ipbits/0/expire/1739114840/sparams/acao,ctier,expire,id,ip,ipbits,itag,mh,mip,mm,mn,ms,mv,mvi,pl,source/signature/48795B3F6454C1EE9D51D5380EEAB9E8AC12BAA0.2FF63B8A0355DAF2217BFD81E27856EC307A143C/key/cms1/cms_redirect/yes/mh/aM/mip/84.19.175.184/mm/42/mn/sn-4g5lznek/ms/onc/mt/1707578140/mv/u/mvi/1/pl/21/file/file.mp4

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

74.125.162.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s17-in-f6.1e100.net

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36
Range: bytes=0-

Response headers

Date: Sat, 10 Feb 2024 15:27:21 GMT
X-Content-Type-Options: nosniff
Content-Range: bytes 0-4960006/4960007
Connection: close
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,quic=":443"; ma=2592000; v="46"
Content-Length: 4960007
Last-Modified: Wed, 29 Nov 2023 18:13:28 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Cache-Control: private, max-age=86400
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: https://googleads.g.doubleclick.net
Expires: Sat, 10 Feb 2024 15:27:21 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame C2DB 0
54 B 119ms
119ms Ping
image/gif 173.194.215.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsg8cpna&c=6351404919509&slotId=3175702459754.5&qqid=CIPLkfGKoYQDFW3mFgUdKc8MaQ&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2924&mt=video%2Fmp4&vs=1024x1024&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.vu~atrd.vw&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.215.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vt-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 7462 0
54 B 119ms
119ms Ping
image/gif 173.194.215.120
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=osv&dmc=8&puid=4~lsg8cpo5&c=8351794801839&slotId=4175897400919.5&qqid=CKCpkPGKoYQDFXDMFgUdn8MB9g&fb=outstream-lima&gpm_i=9&gpm_c=9&gpm_a=9&smb=Infinity&br=2924&mt=video%2Fmp4&vs=1024x1024&msm=1&aits=0%2C18%2C22%2C692%2C59%2C342%2C343%2C344%2C345%2C346%2C347&webm=0&vp9=0&vamt=video%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4%2Cvideo%2Fmp4&hvmf=false&vms=1&bit=347&vsrc=web_video_ads&hcn=0&met.4=arp_a_e.x6~atrd.x7&ua_e=1&ape=1&ple=0&umsem=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/formats/outstream/versioned/prod2/outstream_web_client_20240117_RC00/outstream.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 173.194.215.120 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: vt-in-f120.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 10 Feb 2024 15:27:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 54ms
54ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240207&jk=2776398177361922&bg=!4OOl46zNAAaxkZ3akZE7ADQBe5WfOP80rRviWGndd1qrveePmMBMer0laVpJnf4qVxxy7NYuOgFy0Il79nOhWMr1UPeJAgAAADJSAAAAAmgBB5kCxJ2HldjEdNO8uOmgKd009sh5deNoi7HMuOMigCfj0_p1Q8lAnn0Y9jNCaZj8Yrv8HHFKuILkQz-rIUn8a3uGztd_sSqWpLZxYDS-2fZ4EPNv7-DA-liuVycTXJ0a8fKBg-CmeDc2wdfG6swGCmk1t25-8DKGRAF_snxfJp_ZjiC-A-M136rRiUL-cR7z4-hgftSLDpZzxGKQ4w9ZBH2SuonS7wiDejbAl72B3x1TiHi6HkvZbDfbATiW-VvWFVZ4W6dWbMByufM4aB0gQJlP6fwmDILySeXEAMtFxCtSlVXT4Cm1Q_X92BE3znc2SqtpmoRleQerPkMPUkOEwB5CrWXX8sxyEnlIUyIK48PXQMabul-1J_C_EUZv75vtKegeLaDX94J8uXU6gumaT_De7I767MrmI12MbnciGbEUgGL86jUgtDKo-vVAz01w4WHAyIgTvqjyY5YZs2EJqKRmzbx8r0YOXgHyNEHMvH-By2y1DcUvm6uTSnFSKRYmhrXrsarNsyd_6eRghXtWKj8knlaLoEY43bc6RbQGwv2ZXHZTc_Aq8rYuA27NHvajv5WDy4t02HNkU3hzBSW1vDQWlcQDNOXosL4Dh9myHKYeAI7R8Kv5ezOKL6dOAorqyE3Nz8hms2LOJp_fPbyeiRiApj6N_JflNvDCU6Mz-dxl6Z-BB5oCat9FWWyJ76d00ykUeazNHcfrkei6eHPTGIZFxO-I2m_gRZL0t92zSViuwVXo0ojSpyKKpnDz89FYl60A4WummCVREWyUZGBfYxeFO8qKoch4ZCOUAqWFMsEYoPL18ikdbPy4yuiHgoDCNSPi0xBOYu2BKmOGG2GMIVK0J3O9zsV7HZpgJtbPZfhE0Nzw-LWsejtH-Njt9MJRBHW7sKg-_BTBKuixsAv-OS9LTjd8vleaHIpHjZO2fOruEFgK3Ps7bw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cryptext.eu/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.160 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

61 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cryptext.eu/	1970-01-21 03:55:38	Name: _ga_9ZWSGBX9GK Value: GS1.1.1707578837.1.0.1707578837.60.0.0
.cryptext.eu/	1970-01-21 03:55:38	Name: _ga Value: GA1.1.69353782.1707578838
.cryptext.eu/	1970-01-21 03:41:14	Name: __gads Value: ID=8e7d444c08b933e5:T=1707578839:RT=1707578839:S=ALNI_MZY2nazYhWj4pIUNdpgHlYi5u7UdA
.cryptext.eu/	1970-01-21 03:41:14	Name: __gpi Value: UID=00000d552575b154:T=1707578839:RT=1707578839:S=ALNI_MbQjtiHr8K-mU6x5oRK7YMrLniWUg
.cryptext.eu/	1970-01-20 22:38:50	Name: __eoi Value: ID=0c4da9d7b3fead92:T=1707578839:RT=1707578839:S=AA-AfjZvMQVEzVaKqmUg_do2JXRL
.doubleclick.net/	1970-01-21 03:41:14	Name: IDE Value: AHWqTUkwO8Sxp6qFmc-QWAk3998qKWf5blHlt51ofdFPBFE5CYipL369FKrnYgTSDyQ
.googleadservices.com/	1970-01-20 20:29:14	Name: ar_debug Value: 1
.doubleclick.net/	1970-01-20 22:38:50	Name: receive-cookie-deprecation Value: 1
.doubleclick.net/	1970-01-20 22:38:50	Name: APC Value: AfxxVi5HIoLTdrc7KKwIMJ3KtTzctLTi1iLwi0_8SbVEygvbrpIpFw
.ctnsnet.com/	1970-01-21 03:05:14	Name: cid_908ef2b9ef944649b568d3c5cae197b6 Value: 1
.ctnsnet.com/	1970-01-21 03:05:14	Name: gid_CAESEILjPCPhHG7gx4JHw6HY_Uo Value: 1
.simpli.fi/	1970-01-21 03:06:41	Name: suid Value: 257392C670464D7A947F2E5F771BE62F
.creativecdn.com/	1970-01-21 03:05:14	Name: ts Value: 1707578840
.creativecdn.com/	1970-01-21 03:05:14	Name: g Value: 5Mn0aed0UZ00NlANYIhr_1707578840322
.quantserve.com/	1970-01-20 20:29:14	Name: d Value: ED0BCQGOK4EA
.quantserve.com/	1970-01-21 03:49:53	Name: mc Value: 65c795d8-92418-c7962-7f0f4
.turn.com/	1970-01-20 22:38:50	Name: uid Value: 4193719623359281483
.yahoo.com/	1970-01-21 03:05:36	Name: A3 Value: d=AQABBNiVx2UCEHLTTcSy5qQXBmjNr5mvO7UFEgEBAQHnyGXRZQAAAAAA_eMAAA&S=AQAAAhHtpSQkgJ2H33AeqsR6bzE

52 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://pl22136284.toprevenuegate.com/3b8a352137636c6f6ffd01f59562810c/invoke.js Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://cryptext.eu/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.turn.com
bid.g.doubleclick.net
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.creativecdn.com
cm.g.doubleclick.net
cms.quantserve.com
code.jquery.com
creativecdn.com
cryptext.eu
csi.gstatic.com
dclk-match.dotomi.com
dis.criteo.com
fonts.googleapis.com
fonts.gstatic.com
gcdn.2mdn.net
googleads.g.doubleclick.net
imasdk.googleapis.com
ipac.ctnsnet.com
match.adsrvr.org
onetag-sys.com
pagead2.googlesyndication.com
pl22136284.toprevenuegate.com
pr-bh.ybp.yahoo.com
r.turn.com
r1---sn-4g5lznek.c.2mdn.net
region1.analytics.google.com
stackpath.bootstrapcdn.com
stats.g.doubleclick.net
tpc.googlesyndication.com
um.simpli.fi
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.16.89.20
104.17.25.14
104.18.10.207
142.250.184.195
142.250.184.196
142.250.185.161
142.250.185.194
142.250.185.202
142.250.185.78
142.250.185.98
142.250.186.162
142.250.186.163
142.250.186.35
142.250.186.72
151.101.194.137
172.217.16.138
172.217.18.2
172.240.108.84
173.194.215.120
178.250.1.9
185.184.8.90
216.239.32.36
34.246.33.254
35.186.193.173
35.204.74.118
35.214.149.91
35.71.131.137
37.9.175.155
46.228.164.11
51.89.9.254
63.215.202.172
74.125.162.38
74.125.206.157
91.228.74.244
0249ff578fe76fb2a2dc97eec0749c5ea4dc4a1d97c6d73d24a66a9fcbf3fae4
0899097f526aab0c82c4332c8dd24d4041cb5fbde0638d98e883e159ecbe2a64
0913a0b5b58243257d66c58787020d0efc9e93a4a689575dfa8ea12a1d564d27
0a34a87842c539c1f4feec56bba982fd596b73500046a6e6fe38a22260c6577b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1b011dac11ae96ace3b5415a4fc62c69408f0b7625cbeba71a4030fc7488ea92
1ddb3277324a871335ef0b7e680de58c9a79b3c1355b4082ca5425818c8a0306
1f4644988cfb9648d5236c12056f9ca31317c75544ef8776f4fec148322bb954
1fc3fc15c5174ad3cb04edf14be49d28ff88849b52dda7b758bc5600ee8abefa
23d11567502488b4905a85c8ce6a03d6ce539620fa559b8f24a2a95b292a2c6a
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b9d03bce61bd805abfc082b97180958d0df7267b54fce9201b02ba0b0795c3f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
325f25191af82345cc615c820126c663f55ee865ccb8c6f033e11ee57085617a
3346f00ef8366b969f18f29b777e219b303534a5ca06277983b7246e295ded19
33a1ff747dd9600b7a892921651f9b3c156688dcb165d53d619ca3f593c31b46
364f6bb8b7e76b4c4cb1018aec511a517dfd5c2b37a5e266382f377f5b223c10
3c3daf0d8c042aef27ef3afcc9b81f3bf15632148646fe358ea34aa9b59b7f53
3fde3688ee2e59667e357040b5cddf216e74cd8a6b9addc2ad6534ae4552bffa
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
425f9ca7029ca2c95d204079575a3e5f737ef4d322614225344c5aeadd51bfb8
4416df85684789193675dcb13e3e042574f9750ec5f7371807204818ad3968ee
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5574d8962af2e880c5cd0e342b1dc93afaa2df69c6d1a522bd5295a2e5833acd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5c6237178e88ab7f1c6e26c9e99547e58782450b8f2a182129448ff4d99e89ab
5f8d63db4ebf92a0acd4f40b6c055021c3fe826fb648256ec4ab15b09c9e92f2
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65a76dc03e29a647859195d7c4c8bd08fc84843a8117646456569ceedc869b6f
666e4d368ce72c943520791b641310b1e67c68ae5d34172e242a5dade6111069
70a10cc5fce32a739c7d86d46f7640592e460b871c62e6f159a2b725ec756cc3
70e2d61c7d7f4b0cfe91cffccd6b44f1cdf56160db21647b7d7aaee985a33fd3
72f1b28ecce84ae3d826592d42dc3b03b434759b60297c48a1bfb78dd49bb439
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7bd8f3349ff47d0abea8e7382c80b61ebd29489dd57c9392a1351c4705aff413
7f83ea973e4739eb4a3d39bf8bac90016fa95d0167c45d3b883d34f39868e132
8753541a3a44842cd815d81c4f8c589e0a0d763112d622f3088cd6f064e825fd
87e0bffd01248ccc0369b210b2b2004ded168a8fc478f628faa17974b7f4d6da
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
94d865bf9b1e6bea034ec74c542d446fd35b24a3cf7b29a72b2ea8bd2679323d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9ba2c2b2479cc7044e4af1a0123ec24531e8ad57aa91d4d5655405a148271589
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b3a2e8fb24ac4c5b337a2716b8b0ac9bd0481d80368ac25a4abcafa10bad4ed6
b7235f7fbb2b5be1ce3b1ef0ca72f7e7b13b9634144966c70c041c52793a9926
c23d57c6647efa00c711d7a66264954a0382ede261e404916f2b869db7568276
c82b8142fea82535fa8410fceef7b125a01c167d0736e3e8d525cd2403a30031
c8ed597c834c987ee710f904d10ea365a237f342c2d13b4bfeb1ae9f4ed32da8
cc16811d012314472824c6b213ba15798d11223e41557108a85de775bc23e1a9
d2e0f1892e3a4aaf3e9e0e8fbb342e102419e2108c6c079b98ea77ac9849405c
d3f4104957e76483acba4180738253208fd8d4d81c64931244860514af502b82
d44413d0159ff711ea2290231a24b9a1ef032d1305f04abcd02c1ad72a70aaca
d618de8c2467801a06ec38c393fc4eb83d230190805ae8c4da5505104d232e37
d99a3294b83fe3b21e9251c87e7696b7f5ba1651c5d82256db3c0700ead09b57
dde76b9b2b90d30eb97fc81f06caa8c338c97b688cea7d2729c88f529f32fbb1
e3100522a6dd790555f31ee2d85199e409de1c5192e306bbe961505a14f4506a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e519cc4b7b8fdc64a7aaafc1b808cde266a234205aac0d6c55589c12446d565e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efc616ab866cd1f2b6f6285cdb38e106711f21f9e9bb6991d3642dd7a9cb59d0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f644378fcaae753f2caf3b80cf20533cae70747867bb7b041c51049fceb6dbbd
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f7cbc01a310318defd4e31e4616543e2cf3baef5a47562c73ece4c0b716f157e
fe965e0f2d11ae258b9c98c819a32e06af3d19dd8cec9b830780f19ac01ade95

cryptext.eu Open in urlscan Pro 37.9.175.155 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

169 Requests

92 %HTTPS

0 %IPv6

26 Domains

37 Subdomains

30 IPs

7 Countries

1665 kBTransfer

4618 kBSize

18 Cookies

14 Outgoing links

Page URL History

Redirected requests

169 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

cryptext.eu Open in urlscan Pro
37.9.175.155 Public Scan

Screenshot
Live screenshot

Full Image

169
Requests

92 %
HTTPS

0 %
IPv6

26
Domains

37
Subdomains

30
IPs

7
Countries

1665 kB
Transfer

4618 kB
Size

18
Cookies

169 HTTP transactions
4 data transactions