urlscan.io logo urlscan.io
SecurityTrails logo

tr.ipshu.com Open in urlscan Pro
104.26.3.98  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://tr.ipshu.com/
Effective URL: https://tr.ipshu.com/
Submission: On February 27 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 22 IPs in 7 countries across 14 domains to perform 111 HTTP transactions. The main IP is 104.26.3.98, located in and belongs to CLOUDFLARENET, US. The main domain is tr.ipshu.com.
TLS certificate: Issued by E1 on February 14th 2024. Valid for: 3 months.
This is the only time tr.ipshu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.26.2.98 13335 (CLOUDFLAR...)
1 19 104.26.3.98 13335 (CLOUDFLAR...)
1 2606:4700::68... 13335 (CLOUDFLAR...)
12 115.28.212.167 37963 (ALIBABA-C...)
1 2a00:1450:400... 15169 (GOOGLE)
33 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:3::12 44788 (ASN-CRITE...)
1 2a02:2638:3::9 44788 (ASN-CRITE...)
15 2a02:2638:3::3 44788 (ASN-CRITE...)
2 178.250.1.6 44788 (ASN-CRITE...)
6 2a00:1450:400... 15169 (GOOGLE)
3 2a02:2638:3::10 44788 (ASN-CRITE...)
3 2a02:2638:3::1a 44788 (ASN-CRITE...)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2404:2280:1cc... 24429 (TAOBAO Zh...)
111 22
1    104.26.2.98 (None, )

ASN13335 (CLOUDFLARENET, US)
tr.ipshu.com
19    104.26.3.98 (None, )

ASN13335 (CLOUDFLARENET, US)
tr.ipshu.com
en.ipshu.com
1    2606:4700::6810:3865 (United States)

ASN13335 (CLOUDFLARENET, US)
static.cloudflareinsights.com
12    115.28.212.167 (Qingdao, China)

ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN)
PTR: server-aliyun-jinjie-ecs-0.jamesqi.com
chat.tongchaba.com
1    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
33    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
googleads.g.doubleclick.net
1    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
3    2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
ads.eu.criteo.com
1    2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
rtb.nl3.eu.criteo.com
15    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
2    178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
cat.nl3.eu.criteo.com
6    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
3    2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
imageproxy.eu.criteo.net
3    2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
csm.eu.criteo.net
1    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    2404:2280:1cc:0:715::3fb (Singapore)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)
at.alicdn.com
Apex Domain
Subdomains		 Transfer
30 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 106
tpc.googlesyndication.com — Cisco Umbrella Rank: 161
572 KB
21 criteo.net
static.criteo.net — Cisco Umbrella Rank: 686
imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9643
csm.eu.criteo.net — Cisco Umbrella Rank: 9110
228 KB
20 ipshu.com
tr.ipshu.com
en.ipshu.com
397 KB
12 tongchaba.com
chat.tongchaba.com
501 KB
7 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 35
stats.g.doubleclick.net — Cisco Umbrella Rank: 85
89 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 32
5 KB
5 criteo.com
ads.eu.criteo.com — Cisco Umbrella Rank: 9065
rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 14540
cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10448
105 KB
4 gstatic.com
fonts.gstatic.com
www.gstatic.com
691 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 226
11 KB
2 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 2663
www.google.com — Cisco Umbrella Rank: 2
1 KB
1 alicdn.com
at.alicdn.com — Cisco Umbrella Rank: 16548
1 KB
1 google.de
www.google.de — Cisco Umbrella Rank: 6553
408 B
1 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
96 KB
1 cloudflareinsights.com
static.cloudflareinsights.com — Cisco Umbrella Rank: 787
7 KB
111 14
Domain Requested by
27 pagead2.googlesyndication.com tr.ipshu.com
pagead2.googlesyndication.com
tpc.googlesyndication.com
googleads.g.doubleclick.net
15 static.criteo.net ads.eu.criteo.com
13 en.ipshu.com tr.ipshu.com
en.ipshu.com
12 chat.tongchaba.com tr.ipshu.com
chat.tongchaba.com
7 tr.ipshu.com 2 redirects tr.ipshu.com
en.ipshu.com
static.cloudflareinsights.com
6 fonts.googleapis.com pagead2.googlesyndication.com
googleads.g.doubleclick.net
tr.ipshu.com
6 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
3 www.gstatic.com tr.ipshu.com
googleads.g.doubleclick.net
3 csm.eu.criteo.net ads.eu.criteo.com
3 imageproxy.eu.criteo.net ads.eu.criteo.com
3 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 cdnjs.cloudflare.com ads.eu.criteo.com
chat.tongchaba.com
2 cat.nl3.eu.criteo.com ads.eu.criteo.com
2 ads.eu.criteo.com googleads.g.doubleclick.net
1 at.alicdn.com chat.tongchaba.com
1 fonts.gstatic.com fonts.googleapis.com
1 rtb.nl3.eu.criteo.com googleads.g.doubleclick.net
1 www.google.com tpc.googlesyndication.com
1 www.google.de
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 www.googletagmanager.com tr.ipshu.com
1 static.cloudflareinsights.com tr.ipshu.com
111 23
Subject Issuer Validity Valid
ipshu.com
E1		 2024-02-14 -
2024-05-14		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-10 -
2024-04-09		 a year crt.sh
chat.tongchaba.com
R3		 2024-01-11 -
2024-04-10		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.de
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
www.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-08 -
2024-05-06		 3 months crt.sh
*.nl3.eu.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-06 -
2024-05-03		 3 months crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2024-02-17 -
2024-05-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.eu.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-12-27 -
2024-03-21		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2024-02-05 -
2024-04-29		 3 months crt.sh
*.tbcdn.cn
GlobalSign Organization Validation CA - SHA256 - G3		 2023-12-26 -
2024-07-30		 7 months crt.sh

This page contains 13 frames:

Primary Page: https://tr.ipshu.com/
Frame ID: 7B8E39EE2A6E07C480E2ECF907DECC68
Requests: 41 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Frame ID: 82D9607B4B2BFD7009D31444EDEE4995
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&adk=1812271804&adf=3025194257&lmt=1708666804&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftr.ipshu.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745078&bpp=3&bdt=934&idt=171&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5945038737496&frm=20&pv=2&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=192
Frame ID: A662AE274B7A00F5A369E69F8CD9C9DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Frame ID: 7D273D57A0C6FE0BA9144AD512ED4BEB
Requests: 8 HTTP requests in this frame

Frame: https://chat.tongchaba.com/
Frame ID: 9EDB0B7C1766D6A7E56C6475B4C9285E
Requests: 12 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 06860D60EF867023A3C1DA1743B84207
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 52C4A13592FF1573A5EE4123D2F77A38
Requests: 2 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Frame ID: 35732815F3B75B2984216D5270E9211D
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: 8682F1A364661AF0A6D72437AE27CD46
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Frame ID: AE9DBA137EE7842FA653F28D230819A3
Requests: 4 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: A275E5373E3489795DED7D3BF132F8E1
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Frame ID: C2040D8C63F58D7C921947E38253FE24
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js
Frame ID: B5BB0A83C9641755AC7A203823C10411
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

IP Adresi Yukarı Bak Araçlar | IP Adresi (Türkçe) 🔍İnternet hızı | ipshu.com4G - İndir(Mb/s): 28.155G - İndir(Mb/s): 263.4Geniş bant - İndir(Mb/s): 137.284G - Yükle(Mb/s): 16.255G - Yükle(Mb/s): 43.4Geniş bant - Yükle(Mb/s): 56.23Yükle(Mb/s)İndir(Mb/s)Tarayıcı Pazar Payı | ipshu.comChrome: 63.59%Safari: 19.15%Firefox: 3.76%Edge: 3.41%Other: 10.09%Chrome: 63.59%Safari: 19.15%Firefox: 3.76%Edge: 3.41%Other: 10.09%IP Miktarı Pazar Payı | ipshu.com🇺🇸: 37.19%🇨🇳: 10.50%🇯🇵: 5.81%🇩🇪: 3.97%🇬🇧: 3.46%🇺🇸: 37.19%🇨🇳: 10.50%🇯🇵: 5.81%🇩🇪: 3.97%🇬🇧: 3.46%🇺🇸: 37.19%🇨🇳: 10.50%🇯🇵: 5.81%🇩🇪: 3.97%🇬🇧: 3.46%

Page URL History Show full URLs

  1. http://tr.ipshu.com/ HTTP 301
    https://tr.ipshu.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • vue[.-]([\d.]*\d)[^/]*\.js
Overall confidence: 100%
Detected patterns
  • clipboard(?:-([\d.]+))?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • static\.cloudflareinsights\.com/beacon(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

111
Requests

99 %
HTTPS

82 %
IPv6

14
Domains

23
Subdomains

22
IPs

7
Countries

2704 kB
Transfer

5944 kB
Size

3
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://tr.ipshu.com/ HTTP 301
    https://tr.ipshu.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1
  • https://tr.ipshu.com/img/logo.png HTTP 301
  • https://en.ipshu.com/img/logo.png

111 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
tr.ipshu.com/
Redirect Chain
  • http://tr.ipshu.com/
  • https://tr.ipshu.com/
35 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62d6ac650803454ea6edb7a79abe391bf6d4d7846f9c7524d8ecd756e640527d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
31805
alt-svc
h3=":443"; ma=86400
cache-control
public, max-age=2678400
cf-cache-status
HIT
cf-ray
85c3c000cb362c53-FRA
content-encoding
br
content-language
tr
content-type
text/html; charset=utf-8
date
Tue, 27 Feb 2024 22:09:04 GMT
expires
Sun, 19 Nov 1978 05:00:00 GMT
last-modified
Fri, 23 Feb 2024 05:40:04 GMT
link
<https://tr.ipshu.com/>; rel="canonical",<https://tr.ipshu.com/node/1>; rel="shortlink"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CdMT%2FfUA4c%2BDoHuJDNWueWJ%2F0v4C3i02catlKzrOlFcY%2BvC8BDfbz6ufXbTFcyycLBkdaQkxBdU0J3MfAmbnJX2%2BhFxLbVWKG%2B8%2B9qFYSXuNqMkolJN8tQO1xOfVyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-content-type-options
nosniff
x-frame-options
SAMEORIGIN
x-generator
Drupal 7 (http://drupal.org)

Redirect headers

CF-RAY
85c3c0007d811cb5-FRA
Cache-Control
max-age=3600
Connection
keep-alive
Date
Tue, 27 Feb 2024 22:09:04 GMT
Expires
Tue, 27 Feb 2024 23:09:04 GMT
Location
https://tr.ipshu.com/
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rCkd7RdXSEIY59ne%2BqRZPohpFc7zL2%2Br3DL73I1TQVwWSUzgCu7hgSfq4NZakbvwUbGI7dzVPUmoAlDuWMdx3%2FTNS7ooWgk%2FgA772niUxs29TZ30VaEaAv27xHd45A%3D%3D"}],"group":"cf-nel","max_age":604800}
Server
cloudflare
Transfer-Encoding
chunked
Vary
Accept-Encoding
alt-svc
h3=":443"; ma=86400
ip-web.min.css
en.ipshu.com/sites/all/themes/responsive_bartik/css/ 		34 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://en.ipshu.com/sites/all/themes/responsive_bartik/css/ip-web.min.css
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d2ff13dea89592adbc9bdee4c1a074281ada0f70826c74986e6d36449f67f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476163
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 24 May 2023 03:53:06 GMT
server
cloudflare
etag
W/"86d9-5fc6871000f6f-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n4S7amNtvWizbq6JZ8nX9KmIHyHhhj7nfWew%2BsbcgWGqwqIzFmH3AfZM23rpefxKSnt146%2BkGf9UUtFir17zYOOZJyZm3mN7eNT4Q11Fgf8DJskLhHJYCnenuLvckA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=2678400
cf-ray
85c3c0010b632c53-FRA
expires
Tue, 13 Feb 2024 06:05:34 GMT
logo.png
en.ipshu.com/img/
Redirect Chain
  • https://tr.ipshu.com/img/logo.png
  • https://en.ipshu.com/img/logo.png
1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ipshu.com/img/logo.png
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f04b496cdc667175486b3647af64c7beb002f3351f4f13aacd86f63710370cf3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476159
cf-polished
origFmt=png, origSize=2180
content-disposition
inline; filename="logo.webp"
alt-svc
h3=":443"; ma=86400
content-length
1282
cf-bgj
imgq:85,h2pri
last-modified
Sun, 13 Sep 2020 22:57:02 GMT
server
cloudflare
etag
"884-5af39d601eb80"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xPtDNYiGUilAkgXOvE7NhW0D6zCa1ILkImCJS8xl5iYhTq9zBuoNtUsDg4xkLx6E2ptrQvl9SsXDizTfVcSDYRFlLKc%2FWWdlG2cpNhCw22LKLOsbuXjUynwD4do9sg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85c3c0010b692c53-FRA
expires
Tue, 13 Feb 2024 06:05:34 GMT

Redirect headers

date
Tue, 27 Feb 2024 22:09:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=q8TWaxuWJAK%2FJhtN7%2Frwyl2gBX2s5RpO9eh6hHx8BMXBxDCHIE3Hk%2FRGPk8vsDJ%2F3kAYfi8i0HUNFBjU5YakmibqbWZyLB4aThan58of6NLrbUAiDIdMKDpHedDhXw%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://en.ipshu.com/img/logo.png
cache-control
max-age=3600
cf-ray
85c3c000fb532c53-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 27 Feb 2024 23:09:04 GMT
loading-es.svg
en.ipshu.com/img/ 		675 B
665 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ipshu.com/img/loading-es.svg
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f5322d394927ffe454d7c930f3db649db0c1d9426e51ed8971638a0e96798f2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476848
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 23 Sep 2022 06:02:41 GMT
server
cloudflare
etag
W/"2a3-5e951ecfa4240-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BJDB2CZJ3jYhjvb3zhyu3E%2FA72fWXnXGV7sNg3ukrSE8o6fiT%2FUzQhplUNDpQbAgjiAnPR9BktWonuAORzu08aprmah72I7VaYKWYJLh27HNAkkAeHnKIeQ1JZzc0w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
85c3c0010b682c53-FRA
expires
Tue, 13 Feb 2024 06:05:34 GMT
find_router_ip.jpg
en.ipshu.com/sites/default/files/field/image/ 		101 KB
102 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ipshu.com/sites/default/files/field/image/find_router_ip.jpg
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e16d425a18476980d542028decba232be9a0a6fe80e507c199ec3e35a5db573
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476947
cf-polished
qual=85, origFmt=jpeg, origSize=108970
content-disposition
inline; filename="find_router_ip.webp"
alt-svc
h3=":443"; ma=86400
content-length
103734
cf-bgj
imgq:85,h2pri
last-modified
Wed, 17 Jan 2024 03:48:37 GMT
server
cloudflare
etag
"1a9aa-60f1c1f3b2ade"
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QeHA%2FxXRfkhGK71O7fX8Y1SU%2FgZrKu%2FwZ5Ca8%2F0327b22nsbdK0%2BxiVNOxrXUh5l2L%2F0NfiJKNwwU4hfqijdzDmvCjDrPes6Y6wZVezz5ghjhTP0ZMOBb1XOEWNUGw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85c3c0010b652c53-FRA
expires
Tue, 13 Feb 2024 06:05:34 GMT
192.168.1.1_login_admin.jpg
en.ipshu.com/sites/default/files/field/image/ 		106 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ipshu.com/sites/default/files/field/image/192.168.1.1_login_admin.jpg
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
333f13f2d393946ceb2d500c1a1a7f43ad330225b85962026bc8d877f8f67420
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
last-modified
Wed, 17 Jan 2024 03:46:25 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"1a90c-60f1c175f3f3a"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dc9Nmw1cCTt1rP%2BScNr4F5b3RgnD0OSX6W0jHJnNQmT9W3cRtdB5DoWUfBYvdKeBG%2FJ8cNFmiG6ivBtXECXAm4xxPj15K4NsKqDGkSzXSIpwFzckaJGdTR7rSIPDNA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
85c3c0010b672c53-FRA
alt-svc
h3=":443"; ma=86400
content-length
108812
expires
Tue, 12 Mar 2024 22:09:04 GMT
view_phone_ip.jpg
en.ipshu.com/sites/default/files/field/image/ 		103 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ipshu.com/sites/default/files/field/image/view_phone_ip.jpg
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
847aab26e0393eb80a5ebd5b3192c1e71d04a77e11b6a67026c6b362c46bcb4a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476947
cf-polished
origSize=109074, status=webp_bigger
alt-svc
h3=":443"; ma=86400
content-length
105188
cf-bgj
imgq:85,h2pri
last-modified
Wed, 17 Jan 2024 03:47:45 GMT
server
cloudflare
etag
"1aa12-60f1c1c203473"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zkOm%2FNd3r4GwPLRAbaygO7HLnzFXhmNlf90Qra9c2SLBE0Bhy%2BK1sHXOs2wZRmUgUfzwHra5Efyqh73K2dFTtiI%2F6g%2B%2BouMWzGqpz2MPRfKO5zKDKRiTVCLzKNrt%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2678400
accept-ranges
bytes
cf-ray
85c3c0010b642c53-FRA
expires
Tue, 13 Feb 2024 06:05:34 GMT
rocket-loader.min.js
tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 20 Feb 2024 15:59:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"65d4cc77-302c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0f%2FhRGoFVuDxUgmiynvL0LiDmfZL58%2F0yvy2NXlo4m6f4iHkQnfpumekAueszDfEPMjvNYRvARzll18Gkr1E4DuYBgup6mF2raWVmqNgub9%2B7tz4YWWHwqL52q6%2BJg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
85c3c000fb542c53-FRA
expires
Thu, 29 Feb 2024 22:09:04 GMT
v84a3a4012de94ce1a686ba8c167c359c1696973893317
static.cloudflareinsights.com/beacon.min.js/ 		20 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:3865 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101

Request headers

Referer
https://tr.ipshu.com/
Origin
https://tr.ipshu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
gzip
last-modified
Tue, 10 Oct 2023 21:38:13 GMT
server
cloudflare
etag
W/"2023.10.0"
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
cf-ray
85c3c00109ac4d5a-FRA
banner-bg.svg
en.ipshu.com/sites/all/themes/responsive_bartik/img/ 		4 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://en.ipshu.com/sites/all/themes/responsive_bartik/img/banner-bg.svg
Requested by
Host: en.ipshu.com
URL: https://en.ipshu.com/sites/all/themes/responsive_bartik/css/ip-web.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
faaf6e8d4ce67496f0a2dd3bd00fed70e2b4b59276d88acc3c9b3b2807f138f3
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://en.ipshu.com/sites/all/themes/responsive_bartik/css/ip-web.min.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476522
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 21 Oct 2020 05:30:30 GMT
server
cloudflare
etag
W/"1010-5b227a5484980-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sE2Nr5eEC9UvPhAuYfwjDn4sBvLnyiPGO%2BBqRv3RBLZzxja5MniGCKDumvLBeBXO06lhd4%2FX7elDHCnKfbZLKhX4ibGFiBqHK%2Bsg359yM2%2Fe1IBdzLmozYJTen3xwQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
max-age=2678400
cf-ray
85c3c0014c50bbfd-FRA
expires
Tue, 13 Feb 2024 06:05:46 GMT
iconfont.woff2
en.ipshu.com/sites/all/themes/responsive_bartik/fonts/ 		10 KB
10 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://en.ipshu.com/sites/all/themes/responsive_bartik/fonts/iconfont.woff2?t=1657677619387
Requested by
Host: en.ipshu.com
URL: https://en.ipshu.com/sites/all/themes/responsive_bartik/css/ip-web.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0aad2b47719e51dc5b8545f17917ce30252d644f09d5bcbf52c5bfd571574b52
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://en.ipshu.com/sites/all/themes/responsive_bartik/css/ip-web.min.css
Origin
https://tr.ipshu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2464859
alt-svc
h3=":443"; ma=86400
last-modified
Wed, 13 Jul 2022 02:00:19 GMT
server
cloudflare
etag
W/"2624-5e3a625a1f2c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BKCC0JX7gn7bK46br8ni4mfrCLR%2Fhw%2BqHRmwiXQ9DrUiAUHZThSX6oXEOJElMnPhDmPw02qt4e5zowaru5LXUjUlBUfDsvMX38B%2FOw4k1kl8OwvPjfHXP%2FUGoQJwuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
access-control-allow-methods
OPTIONS,POST,GET
cache-control
max-age=2678400
cf-ray
85c3c0015b2d03e4-FRA
access-control-allow-headers
Content-Type, api_key, Authorization, alexatoolbar-alx_ns_ph
expires
Tue, 13 Feb 2024 06:06:05 GMT
chatbot.js
chat.tongchaba.com/static/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/static/chatbot.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
8b1159376dfa69813c0f22eb9354a8535fef7dcf9466c23614883cdcf5191fe0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 08:07:28 GMT
server
nginx
etag
W/"65814f40-3f38"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 28 Feb 2024 10:09:05 GMT
search.js
en.ipshu.com/elasticsearch/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://en.ipshu.com/elasticsearch/js/search.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
013d260aef31b60580fe317c2fb257a9e4ce146d1218102378d91576828d86e2
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476427
cf-polished
origSize=2583
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Thu, 01 Dec 2022 09:11:25 GMT
server
cloudflare
etag
W/"a17-5eec09afda940-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Aj%2BCXqvI2xDt6D0djv4s8S74nepQZzCJKFXuzU2AjyEqBwdOX8wB0GPGZ%2B9UGnjhwpQUCcYZU6%2BIgHMgZzdBhn%2B9w9Ejjutwx7oZgucgccHH%2FQJTEddsRyk0j4hNnA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85c3c0016c6cbbfd-FRA
expires
Tue, 13 Feb 2024 06:05:46 GMT
jquery.autocomplete.min.js
en.ipshu.com/elasticsearch/js/ 		40 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://en.ipshu.com/elasticsearch/js/jquery.autocomplete.min.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78aa49dd31e96122abe451c577e39b3a5e09393090c91d263b8dda13a547b97
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476427
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Oct 2022 05:50:34 GMT
server
cloudflare
etag
W/"a024-5eaa7bcf27e80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZofvVNHhhBWe5kk5tt9990Sp6OcmlC1MX9PjtWaOR6hfEmA3SPiH5KPnyHvv57kH77jFqlezn45iUPhEApcSRzxbtiyHFkrpjhRjDcZPYyDV1usLOP1UgwqlI7J%2BbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85c3c0016c6ebbfd-FRA
expires
Tue, 13 Feb 2024 06:05:44 GMT
clipboard.min.js
en.ipshu.com/sites/all/themes/responsive_bartik/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://en.ipshu.com/sites/all/themes/responsive_bartik/js/clipboard.min.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476427
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 18 Apr 2019 13:23:48 GMT
server
cloudflare
etag
W/"2a02-586cde9886100-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fuTlK6epuUECfiMG9UhyqsxlBKTTgkSEqqB68QwXB0ihjIxYkDjPhetqDmbQOb0XObG7mmbwHTgINILiEARGvQD8lSzcPszKO47YSiu0pGyxYNVkrV2eQk9mhaG8Uw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85c3c0016c70bbfd-FRA
expires
Tue, 13 Feb 2024 06:05:46 GMT
ajax_all.min.js
en.ipshu.com/sites/all/themes/responsive_bartik/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://en.ipshu.com/sites/all/themes/responsive_bartik/js/ajax_all.min.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a6d45029c3d7e828fdf87a47f6aa595e42105101d6b7b4209d551c45b172c9da
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476427
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 26 Dec 2022 02:59:23 GMT
server
cloudflare
etag
W/"786-5f0b2528758c0-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=izdOhCDeVjYUX9UZDIsY1Dl9CAh06zigNSmNnTCWvaoWPCtrt6K%2F8gqEl7HS6kxRcD7ra3swEox7Z%2FFH6zdufdDlgDE5SF1Z2qLhYb3XvmHz2VmiTTor8YGPVlwYBA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85c3c0016c71bbfd-FRA
expires
Tue, 13 Feb 2024 06:05:46 GMT
jquery-2.1.4.min.js
en.ipshu.com/sites/all/themes/responsive_bartik/js/ 		82 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://en.ipshu.com/sites/all/themes/responsive_bartik/js/jquery-2.1.4.min.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2476427
alt-svc
h3=":443"; ma=86400
last-modified
Mon, 10 Jun 2019 06:16:58 GMT
server
cloudflare
etag
W/"14979-58af220a5aa80-gzip"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cyVelpe9Df%2FFoHLElMhoYFtyGaaO%2FnCBXAU9sSCDaSREvJbGGzoHomyRSnlYrqUmjzq%2BdC32VSsl%2Fhg2t%2BOqnmPr8rY%2Fo8VA6p5VY7%2BdK%2BEkII0e%2BMyG%2BOB%2FK9DN9w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2678400
cf-ray
85c3c0016c73bbfd-FRA
expires
Tue, 13 Feb 2024 06:05:46 GMT
js
www.googletagmanager.com/gtag/ 		290 KB
96 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFGF51SSN3
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
efaa0188e97b9c2c5731242b6d8eadbdc2b4fe2882164268d9aa3842ef7fb257
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
98246
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 27 Feb 2024 22:09:04 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		154 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8670212889350560
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
bb251a47a901a785ad6b2ad92f727b5fa0c57af8944e24b17622a0d8c028c6e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.ipshu.com/
Origin
https://tr.ipshu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
51826
x-xss-protection
0
server
cafe
etag
11901371785530528804
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
link
<https://googleads.g.doubleclick.net>; rel="preconnect"; crossorigin
expires
Tue, 27 Feb 2024 22:09:04 GMT
show_ads_impl_with_ama_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 		408 KB
138 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8670212889350560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cd994dce8bea165653624abcb7a12e102c61d1c9e5d011b430617738bd467079
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141470
x-xss-protection
0
server
cafe
etag
7930265216998943247
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 22:09:05 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/ Frame 82D9 		9 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20190131/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8670212889350560
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.ipshu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
43330
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 10:06:55 GMT
etag
9539045072340585784
expires
Tue, 12 Mar 2024 10:06:55 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
collect
region1.analytics.google.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-NFGF51SSN3&gtm=45je42q1v884153601za220&_p=1709071745063&_gaz=1&gcd=13l3l3l3l1&npa=0&dma_cps=sypham&dma=1&cid=1472469700.1709071745&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&pscdl=noapi&_s=1&sid=1709071745&sct=1&seg=0&dl=https%3A%2F%2Ftr.ipshu.com%2F&dt=IP%20Adresi%20Yukar%C4%B1%20Bak%20Ara%C3%A7lar%20%7C%20IP%20Adresi%20(T%C3%BCrk%C3%A7e)%20%F0%9F%94%8D&en=page_view&_fv=2&_nsi=1&_ss=2&_c=1&_ee=1&tfd=1072
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFGF51SSN3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tr.ipshu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
243 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-NFGF51SSN3&cid=1472469700.1709071745&gtm=45je42q1v884153601za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFGF51SSN3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:05 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://tr.ipshu.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-NFGF51SSN3&cid=1472469700.1709071745&gtm=45je42q1v884153601za220&aip=1&dma=1&dma_cps=sypham&gcd=13l3l3l3l1&npa=0&z=918232388
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame A662 		261 KB
62 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&adk=1812271804&adf=3025194257&lmt=1708666804&plat=1%3A16777216%2C3%3A16%2C4%3A16%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Ftr.ipshu.com%2F&pra=5&wgl=1&easpi=0&asro=0&aseiel=1~2~4~6~8~9~10~11~12~13~14~15~16~17~18~19~20&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745078&bpp=3&bdt=934&idt=171&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=5945038737496&frm=20&pv=2&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=192
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
45a2a8f6b11ee5652e134b0b6c7a48998958fee91631161ca970676eed798643
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.ipshu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
63691
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 22:09:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=UL&cls=stiky_menu&ign=false&pw=1600&ph=1200&x=1575&y=1175
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 7D27 		34 KB
14 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
400a785b0121cf9395a13a0c75c5947e7844e7052ec9ad8b4e15ef1d1db9205b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.ipshu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
br
content-length
14160
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 22:09:05 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
chat.tongchaba.com/ Frame 9EDB 		14 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/static/chatbot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
dfa3926686ced92134e737a42c6c28951899c44ec2308ea2ec305f79ceafc7eb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tr.ipshu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html
date
Tue, 27 Feb 2024 22:09:05 GMT
etag
W/"65814e2f-368a"
last-modified
Tue, 19 Dec 2023 08:02:55 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
styles
chat.tongchaba.com/api/chat/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/api/chat/styles?bid=bDcv1GhGeWrpoket
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,server
Access-Control-Request-Method
GET
Origin
https://tr.ipshu.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,server
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin
*
access-control-max-age
86400
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Feb 2024 22:09:05 GMT
server
nginx
strict-transport-security
max-age=31536000
vary
Accept-Encoding
styles
chat.tongchaba.com/api/chat/ 		426 B
871 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/api/chat/styles?bid=bDcv1GhGeWrpoket
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/static/chatbot.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
5731223d418781cacce3c66f5440003ca1ada422b45c2aa51c313274e25fb042
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://tr.ipshu.com/
server
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
strict-transport-security
max-age=31536000
x-rate-limit-limit
120
server
nginx
x-rate-limit-remaining
120
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-rate-limit-reset
1709071806
access-control-allow-credentials
true
access-control-allow-headers
think-lang, server, ba-user-token, batoken, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With
myip_info
tr.ipshu.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tr.ipshu.com/myip_info?random=0.204649363383262
Requested by
Host: en.ipshu.com
URL: https://en.ipshu.com/sites/all/themes/responsive_bartik/js/jquery-2.1.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2dc96c6096e1af6af485d9964b65e7a4267d3e08779b206154a52742535b75b5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Accept
text/html, */*; q=0.01
Referer
https://tr.ipshu.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
content-language
tr
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b6jnPGKWWSJjWL3ecnbb2L6aZRAeR2OmBtWXvJx1Adr8B6M1gh9YmBRaxI0L6wQBQGzaTb8iUjLfXMmqgqyirwBdZOKlAEnqAwzxWOjGhgn4cFy%2FNnZlegRtyppm9g%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
no-cache, must-revalidate
cf-ray
85c3c008c9cabbfd-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 Nov 1978 05:00:00 GMT
comment_lists_json
tr.ipshu.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://tr.ipshu.com/comment_lists_json
Requested by
Host: en.ipshu.com
URL: https://en.ipshu.com/sites/all/themes/responsive_bartik/js/jquery-2.1.4.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c9ae9286001686b469a251b96dd39bd4089726bb6694a23b7ae5e1c0e1671286
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Referer
https://tr.ipshu.com/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
EXPIRED
last-modified
Tue, 27 Feb 2024 21:01:53 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DO10JSJ2XAKCgYk28P223CDS0GiD8UJ2Ub6W7hXzVNkEakZvu2e3%2Bp2bRcB04l%2BB8nxZkxHCaRzu7NENvrFRJryvQvTGifqliVmOlhOyMWGXYsqxr%2FKINvHXxttqnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/json; charset=utf-8
cache-control
no-cache, must-revalidate
cf-ray
85c3c008c9ccbbfd-FRA
alt-svc
h3=":443"; ma=86400
expires
Sun, 19 Nov 1978 05:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20240221&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01ca1c262a8ab2a575339980ccf6960ec893c99a00a52081d7ede108adacab8f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12288
x-xss-protection
0
rum
tr.ipshu.com/cdn-cgi/ 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tr.ipshu.com/cdn-cgi/rum?
Requested by
Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.26.3.98 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://tr.ipshu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
content-type
application/json

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
x-content-type-options
nosniff
server
cloudflare
vary
Origin
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://tr.ipshu.com
x-frame-options
DENY
access-control-allow-credentials
true
cf-ray
85c3c008d9d6bbfd-FRA
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Feb 2024 22:09:05 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0686 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.ipshu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
25109
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 15:10:36 GMT
expires
Wed, 26 Feb 2025 15:10:36 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 52C4 		829 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
cc17cce5ff6aa9e52ccecc02e7988ad670b765c6b2efc367235b60833100f0f3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-0cwWk2r8ghAhWYw7xxGGwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://tr.ipshu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-0cwWk2r8ghAhWYw7xxGGwg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 22:09:05 GMT
expires
Tue, 27 Feb 2024 22:09:05 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
pagead2.googlesyndication.com/bg/ Frame 0686 		39 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/BoEj1MRYnOy5BSN5ElbJySd6MGFyYBWT_ZtkFEIAVvM.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 08:48:16 GMT
content-encoding
br
x-content-type-options
nosniff
age
48049
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15302
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 08:48:16 GMT
index-d1f50981.js
chat.tongchaba.com/assets/ Frame 9EDB 		132 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/assets/index-d1f50981.js
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
d25d8b3c2a315a4d7c771899bf410bb99d361f56b7cbe3c8c35b49391ea25b6d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://chat.tongchaba.com/
Origin
https://chat.tongchaba.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 08:02:55 GMT
server
nginx
etag
W/"65814e2f-211d7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 28 Feb 2024 10:09:05 GMT
vue-818c208d.js
chat.tongchaba.com/assets/ Frame 9EDB 		1 MB
351 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/assets/vue-818c208d.js
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
4801001de69f4090b0d621edc8d59a10e7dc51e832e82904b7a0538696aa2e05
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://chat.tongchaba.com/
Origin
https://chat.tongchaba.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 08:02:55 GMT
server
nginx
etag
W/"65814e2f-113c12"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=43200
expires
Wed, 28 Feb 2024 10:09:05 GMT
style-edd0a6de.css
chat.tongchaba.com/assets/ Frame 9EDB 		449 KB
81 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/assets/style-edd0a6de.css
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
edd0a6dead210b4097576794e0d845faaf2ab24332f352c24efb74166f745f6b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://chat.tongchaba.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
last-modified
Tue, 19 Dec 2023 08:02:55 GMT
server
nginx
etag
W/"65814e2f-704d4"
vary
Accept-Encoding
content-type
text/css
cache-control
max-age=43200
expires
Wed, 28 Feb 2024 10:09:05 GMT
truncated
/ Frame 9EDB 		5 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd7e36987c0c6f67d63dfbd6156361c7a4d7862b492e26b375b2acaa657f2fd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
sodar
pagead2.googlesyndication.com/pagead/ Frame 52C4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20240221&jk=1126258489724534&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 0686 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?u0C2cA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame 7D27 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 23:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
83248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 23:01:37 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame 7D27 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 12:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 12:00:47 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame 7D27 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 21:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 22:48:15 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame 3573 		139 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
afbbfadb7b853cfb48ee537796b8c7d1fbccd844872378f4a957805198b35723
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 22:09:04 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=jNGM3_Lz9coQFugHnMHQFZ9m6VQzktL7Y-jJYzL3cJbMK65G6Hml8is6Gmbydg2u0mTvYGB0Gmq176_2I8cji6uSoFpNEhedI2TS-Xa75lxzYWrN8vl_Hqbqlrebxr4EBTU-lmasRkzkTbsXQOIJ9A8t2viFwmQLvXjvItaQiR6RoiBKNejCAKToI5k0UczRMzTLYkx-Q9kSD9gyGabTMjhUw8C3ukOkK7liIZUTuCmkSS9aQsY3aJX5prqEINl2LKgPPA"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
40926352
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
truncated
/ Frame 7D27 		213 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2af78d1405ae71773b00dd832220b3497121ae09af33c94ff6cc89718c9a19b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

Content-Type
image/png
adview
googleads.g.doubleclick.net/pagead/ Frame 7D27 		0
19 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C5DUCgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEvwFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGx683IH-Y5rbKMDjBFkfHXMdJrFltns0XmuVyruZZSilW7jVzfF8IAG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA4AKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi04NjcwMjEyODg5MzUwNTYwGAA&sigh=C0CaldFMp34&uach_m=%5BUACH%5D&cbvp=2&vis=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

content-security-policy
script-src 'none'; object-src 'none'
date
Tue, 27 Feb 2024 22:09:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 7D27 		0
126 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kuzRGcz6RLAJmAKdg2ICAgAAANa3cwm_d1IGHLj3aRCAXd5lqPIlC-IumcN4wwAAEgAACgpBUVVCQVFFQkFR&wp=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&cbvp=2
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
server-processing-duration-in-ticks
129003
server
Kestrel
content-length
0
privacy_small.svg
static.criteo.net/flash/icon/ Frame 3573 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:05 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame 3573 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:05 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame 3573 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 21 Feb 2025 22:09:05 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame 3573 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 21 Feb 2025 22:09:05 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3573 		43 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ez3GbA3q6iApeMCS0-LItuQqq3r_gPo9wzzftu0JrlpFAtBzY9TRwenT9qUYB_2tohaj5EmgD5DI_ZEID96chXmvfkGJZsYGqZEKpZusJ3jQz4t8VAFpnVflijlKYcIe74sberWrVJnMSEO-vfLlTlSZRwPSrNcln29ylAZ8bCuWTGksN3jgl9ufIkWqsuKQepo8uNo0nRynp9yU5o-A-HX76i5Q1eKI4w4cfAdxI94drWia0MkuOgOnHLvvOwKLoEj9RzPDVwnSAwypeDeOhsE5LeJkqZbl7H_cbH5YFwEmLwk7mAD502BIxRjy_yhl4WITcbROZCAg5Hw1R2ddfZcJcpnBVTgKSTxruSyHo8Y-pwLwmX5GZ6nb-zva0IlmgOBUdObmk56c0d39_TdUJbzdAAkihW5cUeBqzS8t9BZM_7L9GlxaWWhcj7Md4dQ6Q6D_Iw
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1754323
expires
Mon, 26 Jul 1997 05:00:00 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 		166 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/reactive_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8ead0546c4ac00bbc4f428044cff41dfbcc639ab44a3f3af2c0a7a4e34c7a5dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
57342
x-xss-protection
0
server
cafe
etag
12082670061695335556
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 22:09:05 GMT
slotcar_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/ 		90 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/slotcar_library_fy2021.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8670212889350560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2c4ca5df2081d2a45f0d96b673e7d99ced36138a9142f2b334dba00590bcfb6e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32133
x-xss-protection
0
server
cafe
etag
16449761485179634745
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 22:09:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_rs&sts=pflna&evt=place&vh=1200&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&hl=tr&pvc=1126258489724534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
fonts.googleapis.com/ 		1 KB
520 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
979bb9b1aadc56ca36931ca9ce6457a194d4474bf0a8b77fa5961b504900a1d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 22:09:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Feb 2024 22:09:05 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%20Text%3A400%2C500%2C700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db02d25f24b2b72ec96e6540ef451ccb8bfbdf9782937cc79547428578f63b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 20:56:04 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Feb 2024 22:09:05 GMT
css2
fonts.googleapis.com/ 		591 B
440 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Google+Symbols:opsz,wght,FILL,GRAD@20..48,100..700,0..1,-50..200
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fc1ef266d44e50168fc09c5d1b8dc510215b0ce6c8032e004482525e252b7a6c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 22:09:05 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Feb 2024 22:09:05 GMT
css
fonts.googleapis.com/ 		5 KB
754 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google+Sans+Text:400,500,700
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
db02d25f24b2b72ec96e6540ef451ccb8bfbdf9782937cc79547428578f63b98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 20:49:33 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Feb 2024 22:09:05 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ama_auto_prose&sts=ok&evt=place&vh=1200&eid=44787782&pos=UNKNOWN_POSITION&vpt=DESKTOP&pvc=1126258489724534
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:05 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
animejs.js
static.criteo.net/animejs/ Frame 3573 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:05 GMT
000SSkn7tdyZTxxcF88KnbV2MtFo8qa9goqidYOIKSC4SnUJhHvwTgOh8cwKTsdiYRKNVUvl1Z2P9bFnbICoZVCE7zeXbis9cFZzGrCDSMjOIPIFVd8ACBXldM4Mip1H39BEUTpiBn4nzzN5HN7RfPPjJ0Sa7NYVrow9hVnohm2QlXv2DWI1DtTgwbs9OjrhsSPPt...
imageproxy.eu.criteo.net/v1/ Frame 3573 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/v1/000SSkn7tdyZTxxcF88KnbV2MtFo8qa9goqidYOIKSC4SnUJhHvwTgOh8cwKTsdiYRKNVUvl1Z2P9bFnbICoZVCE7zeXbis9cFZzGrCDSMjOIPIFVd8ACBXldM4Mip1H39BEUTpiBn4nzzN5HN7RfPPjJ0Sa7NYVrow9hVnohm2QlXv2DWI1DtTgwbs9OjrhsSPPtTIAHdirRXXHlijO5rCBE90XN7Diy
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
72fa4dcf3a98c6fd3a25b46d7f16291d7d4e52385909bf3be91025fac876567e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
3034
expires
Sat, 25 Jan 2025 11:57:10 GMT
000WJillVJQcV9F8w8Bm70GeCOoC7Gv0YWrCPgzGHLZ1Vjf6eeIp3o7Lt4QSXup8txxLjTmHBsk5iSMzV0ZZ4CTB77hfIqewLunN9trL4nlb57DAnef23zuuud2wr4Gc11Tf3yiWOswAWLhNxEJNccgbz9U4RujxXonYlBd98QOQwWkR0i49XznmxuaUBqfqufoX5...
imageproxy.eu.criteo.net/v1/ Frame 3573 		63 KB
63 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/v1/000WJillVJQcV9F8w8Bm70GeCOoC7Gv0YWrCPgzGHLZ1Vjf6eeIp3o7Lt4QSXup8txxLjTmHBsk5iSMzV0ZZ4CTB77hfIqewLunN9trL4nlb57DAnef23zuuud2wr4Gc11Tf3yiWOswAWLhNxEJNccgbz9U4RujxXonYlBd98QOQwWkR0i49XznmxuaUBqfqufoX5xGcR9OwD4lJSoU7IIrKBQ5uQeG8OYdpa
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
25b47186a3d8d000d926efcd15043fccf642b766f02cd76240f59235654384a7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
64240
expires
Sat, 25 Jan 2025 11:57:10 GMT
000duaveYa5DseZdeQKFcdT5mdFXm1yH5ornb3TtJlsSNFz187dngyDoEYxRF1j7TrmxwnEtRlfPudUEFF0R69YL0b8SF0UkU0SRhOKLEfLgYiZgWxhXFlC9ZkzDVdZsN6uo0gKpUjfMLqCC7ggWbgAidFChhtPb0TzhmoKovG0zlIkOFxod6LT3kzeUVRHDTC3Fd...
imageproxy.eu.criteo.net/v1/ Frame 3573 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imageproxy.eu.criteo.net/v1/000duaveYa5DseZdeQKFcdT5mdFXm1yH5ornb3TtJlsSNFz187dngyDoEYxRF1j7TrmxwnEtRlfPudUEFF0R69YL0b8SF0UkU0SRhOKLEfLgYiZgWxhXFlC9ZkzDVdZsN6uo0gKpUjfMLqCC7ggWbgAidFChhtPb0TzhmoKovG0zlIkOFxod6LT3kzeUVRHDTC3FdHqUeTh6MRRi8QFoc8WBY8pI6Gs449ycewYsH0Al5QGDt3pzEm4CrugMX2YGB4v5N2LloAnq7mnMY8DFbL6e5vhptMZ2rhXVMe9VEAjzMrx3hv9cn3imp4w6u4eTAhz?b=800
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
89ffe0c0d6f7cd37f600facbcd2f09f40d8f053ffed82144b34ceec97f777de8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 4 Jun 2008 06:06:06 GMT
server
Kestrel
content-type
image/webp
cache-control
public, max-age=31104000
timing-allow-origin
*
content-length
70624
expires
Thu, 20 Feb 2025 15:07:58 GMT
all
csm.eu.criteo.net/ Frame 3573 		0
128 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=jNGM3_Lz9coQFugHnMHQFZ9m6VQzktL7Y-jJYzL3cJbMK65G6Hml8is6Gmbydg2u0mTvYGB0Gmq176_2I8cji6uSoFpNEhedI2TS-Xa75lxzYWrN8vl_Hqbqlrebxr4EBTU-lmasRkzkTbsXQOIJ9A8t2viFwmQLvXjvItaQiR6RoiBKNejCAKToI5k0UczRMzTLYkx-Q9kSD9gyGabTMjhUw8C3ukOkK7liIZUTuCmkSS9aQsY3aJX5prqEINl2LKgPPA&sds=2&rev=90787.5&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 27 Feb 2024 22:09:04 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3573 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:05 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame 3573 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:05 GMT
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame 8682 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.ipshu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 07:01:45 GMT
etag
9539045072340585784
expires
Tue, 12 Mar 2024 07:01:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
zrt_lookup_nohtml_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/ Frame AE9D 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202402210101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-8670212889350560&plah=tr.ipshu.com&aplac=true
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://tr.ipshu.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
54440
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4193
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 07:01:45 GMT
etag
9539045072340585784
expires
Tue, 12 Mar 2024 07:01:45 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
fonts.gstatic.com/s/googlesymbols/v251/ 		674 KB
674 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesymbols/v251/HhzZU5Ak9u-oMExPeInvcuEmPosC9zyteYEFU68cPrjdKM1XLPTxlGmzczpgWvF1d8Yp7AudBnt3CPar1JFWjoLAUv3G-tSXmA.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Symbols%3Aopsz%2Cwght%2CFILL%2CGRAD%4020..48%2C100..700%2C0..1%2C-50..200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
23cbfad8728a2ba2e170cd58f607dfde8cf08b02a8762861328db1a61a914b48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://tr.ipshu.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:04:21 GMT
x-content-type-options
nosniff
age
47084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
689716
x-xss-protection
0
last-modified
Wed, 14 Feb 2024 22:31:24 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Feb 2025 09:04:21 GMT
css2
fonts.googleapis.com/ Frame 8682 		5 KB
767 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 20:51:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Feb 2024 22:09:05 GMT
css
fonts.googleapis.com/ Frame A275 		14 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 27 Feb 2024 20:25:32 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Feb 2024 22:09:05 GMT
load_preloaded_resource_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame A275 		2 KB
823 B 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/load_preloaded_resource_fy2021.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 23:28:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
81644
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
795
x-xss-protection
0
server
cafe
etag
4925184154378345226
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 23:28:21 GMT
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/ Frame A275 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/abg_lite_fy2021.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 22:56:25 GMT
content-encoding
br
x-content-type-options
nosniff
age
83560
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8947
x-xss-protection
0
server
cafe
etag
12299188824252842506
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 22:56:25 GMT
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame A275 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/window_focus_fy2021.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 23:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
83248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 23:01:37 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame A275 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 12:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 12:00:47 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame A275 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 21:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 22:48:15 GMT
eea50308dcf9de2b0c0fe89d3b5a5e83.js
www.gstatic.com/mysidia/ Frame A275 		36 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/eea50308dcf9de2b0c0fe89d3b5a5e83.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:08:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
46819
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15206
x-xss-protection
0
last-modified
Fri, 23 Feb 2024 17:19:33 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 27 May 2024 09:08:46 GMT
fullscreen_api_adapter_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/elements/html/ Frame 8682 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/elements/html/fullscreen_api_adapter_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:11:02 GMT
content-encoding
br
x-content-type-options
nosniff
age
14283
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6454
x-xss-protection
0
server
cafe
etag
7487576354850247333
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 18:11:02 GMT
feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8682 		205 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 20 Feb 2024 23:53:15 GMT
x-content-type-options
nosniff
age
598550
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
205
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 19 Feb 2025 23:53:15 GMT
settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8682 		604 B
920 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Wed, 21 Feb 2024 04:03:39 GMT
x-content-type-options
nosniff
age
583526
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
604
x-xss-protection
0
last-modified
Thu, 20 Jul 2023 22:48:00 GMT
server
sffe
vary
Origin
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
image/png
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Thu, 20 Feb 2025 04:03:39 GMT
interstitial_ad_frame_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/elements/html/ Frame 8682 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/elements/html/interstitial_ad_frame_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 18:03:41 GMT
content-encoding
br
x-content-type-options
nosniff
age
14724
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
9093
x-xss-protection
0
server
cafe
etag
981128176822753981
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 18:03:41 GMT
afr.php
ads.eu.criteo.com/delivery/r/ Frame C204 		176 KB
56 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
1869b1610552dcaa3e180091c863aa0738dc601656aef92c568bade57032bf36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1000
cache-control
private, max-age=0, no-cache
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
date
Tue, 27 Feb 2024 22:09:05 GMT
expires
Mon, 26 Jul 1997 05:00:00 GMT
link
<pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p
CP='CUR ADM OUR NOR STA NID'
pragma
no-cache
report-to
{"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=YV-gRvLz9coQFugHUSTmjLUqsOyRq5M7epTEqsebJVFb_VNPRfJ6ea3QHasTVQPs7zCeQAei5QRvwlztGl00E3DhG47RrqYT3zgwdDnTksfvnc99ko3PTSpXg-gamihGYXPXmMPyb9dTJmq7x_4_ZERfcwPoRydqiA_d9cJlWpPKTPxhvoYFtcStnGNcj9DqCewhZpTJxyj3uatLIHkYQ0cFXxk851KJGdsz9DczNwmTAOvb1fxJ-MUPMdsSqIkX-Dkr-g"}], "max_age": 86400}
server
Kestrel
server-processing-duration-in-ticks
60723784
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
window_focus_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame AE9D 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/window_focus_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 26 Feb 2024 23:01:37 GMT
content-encoding
br
x-content-type-options
nosniff
age
83248
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 11 Mar 2024 23:01:37 GMT
qs_click_protection_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/ Frame AE9D 		20 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20240226/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 12:00:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
36498
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
8211
x-xss-protection
0
server
cafe
etag
3968847549730513390
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 12 Mar 2024 12:00:47 GMT
ufs_web_display.js
pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ Frame AE9D 		204 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20240221/r20110914/zrt_lookup_nohtml_fy2021.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 21:48:15 GMT
content-encoding
br
x-content-type-options
nosniff
age
1250
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
62895
x-xss-protection
0
server
cafe
etag
vary
Accept-Encoding
content-type
text/javascript; charset=ISO-8859-1
cache-control
public, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Tue, 27 Feb 2024 22:48:15 GMT
ping
pagead2.googlesyndication.com/pagead/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/ping?e=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8670212889350560
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://tr.ipshu.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers
privacy_small.svg
static.criteo.net/flash/icon/ Frame C204 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy_small.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:30:28 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42ba84-6aa"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:05 GMT
adchoices_de.svg
static.criteo.net/flash/icon/ Frame C204 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/adchoices_de.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 11 Feb 2020 14:27:58 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e42b9ee-763"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:05 GMT
close_button.svg
static.criteo.net/flash/icon/ Frame C204 		308 B
636 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/close_button.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 14 Feb 2020 13:51:32 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"5e46a5e4-134"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
308
expires
Fri, 21 Feb 2025 22:09:05 GMT
back_button2.svg
static.criteo.net/flash/icon/ Frame C204 		293 B
621 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/back_button2.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 28 Apr 2022 09:09:48 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
"626a59dc-125"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
timing-allow-origin
*
content-length
293
expires
Fri, 21 Feb 2025 22:09:05 GMT
lg.php
cat.nl3.eu.criteo.com/delivery/ Frame C204 		43 B
347 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Jur6bk2ZLNg84fOdrv5-WwGyGRrGELO00yrpONWMRtB3P3G0_8qh3-et9PMdAWxq5AJbRys87pvnRJH4UlgdotmVsKp1aDjOsOVXIsciTMLUmV3f7Qalivty8jyEfJ-kttWrhAlDAi7jDUYH9BcytpvvzdHogPB_1eXS8a2eQj_5tmrQbg5o50jqfH5jSqw9JjOp9_3SwAa_0nTp8L6C0smpMiugADRUrh9JlODA8joI4woBGxzK01wlEaBv5ArzOrC8YIVrGVYJGOqeSfLua3hb3XDrtT7R1ZaXf5s5vNZ_ItfxOizx-jdf2dirZp1X84K4wp2GrMWRSqNr2hCyImHmWJ_CRGeY3UEppZrvxCShvRc6p7a3D4yNy53bjo8FlGqxXV35NDKj1ABNIN-5h3LraBBIE9URSJjNSt1WbP4qv1DXMPL2dP_KVXPGtym9m5iDfg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1776624
expires
Mon, 26 Jul 1997 05:00:00 GMT
webfontloader.js
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame C204 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2432085
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4420
last-modified
Mon, 04 May 2020 16:17:52 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb04030-30d9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=53%2BkXDCGEr4BpTEMYSFLRTuUTkQz5Mnytoz1GH4%2BklFUDXl7OXtfEKE9erystMrWLHVMXf7PXB622JMRh02JkeiqAl5p0MJ6j%2FLFfA4rmXcrscT%2Bz%2FuTRIueTuQ2fr%2FLkf%2B42yXf%2Fk1fiBqY9zrSUqPE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85c3c00c7918906c-FRA
expires
Sun, 16 Feb 2025 22:09:06 GMT
animejs.js
static.criteo.net/animejs/ Frame C204 		12 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/animejs/animejs.js
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:05 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Tue, 26 Mar 2019 17:44:11 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5c9a64eb-3181"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:05 GMT
all
csm.eu.criteo.net/ Frame C204 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=YV-gRvLz9coQFugHUSTmjLUqsOyRq5M7epTEqsebJVFb_VNPRfJ6ea3QHasTVQPs7zCeQAei5QRvwlztGl00E3DhG47RrqYT3zgwdDnTksfvnc99ko3PTSpXg-gamihGYXPXmMPyb9dTJmq7x_4_ZERfcwPoRydqiA_d9cJlWpPKTPxhvoYFtcStnGNcj9DqCewhZpTJxyj3uatLIHkYQ0cFXxk851KJGdsz9DczNwmTAOvb1fxJ-MUPMdsSqIkX-Dkr-g&sds=2&rev=90787.5&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 27 Feb 2024 22:09:05 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame C204 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/criteo_logo_2021.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 27 May 2021 13:21:59 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"60af9cf7-891"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:06 GMT
privacy.svg
static.criteo.net/flash/icon/ Frame C204 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.criteo.net/flash/icon/privacy.svg
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.eu.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Wed, 19 Feb 2020 10:57:21 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"5e4d1491-646"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:06 GMT
44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js
pagead2.googlesyndication.com/bg/ Frame B5BB 		51 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/44PM6F2LRizIL4ladRBx-1I5j3QE7-ThjqUhbEZlLBc.js
Requested by
Host: tr.ipshu.com
URL: https://tr.ipshu.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 09:10:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
46695
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19803
x-xss-protection
0
last-modified
Mon, 19 Feb 2024 17:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 26 Feb 2025 09:10:50 GMT
3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
static.criteo.net/design/dt/ Frame C204 		68 KB
68 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/design/dt/3753f6ac31b748bf945ad731cbf52c0b_skyscannerrelative-book.woff
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAErcYDognRAACBkgow0CN__K_ihpmNeg&u=%7CIEY60eQRgzBtVk66bAGYw%2FlUZLVB8NOIc%2BdmLJL0aPQ%3D%7C&c1=jWCgqsKSUoULMKFw69ROSSRlgYQIyhLzheJYiNKlyFrZYaP9DMbKXYUGVFbHeBgmX8ght8mGAchr0pUCzPjBhIkXjfbkquBLorR0M0tk7haO5Sey6jLKGPO4ZkMzQZ9zY3ZAtRjX24833gqGmoQjzaqB0hrBCP7Zr74-cKuMOe7CWQT7nc6ryFlkpOEqv8CLMcqK8oZwzFLiQLW3-icAddlEeSIYAiFkFlLWuj0iSFdmGi7NjYIZeMVrBgNcASqt1jOzOQQLkHiEEimtoYUH5j8azW8kItOGMlp8XB7rfHdg1rEO9287_l91FEdzq4xwAjo-jXKSLpRVuQbxPjUxTOGx2gebEu8H_EZHQ3UMXAXmtwGIhUFfXSv5_AapFITZtH1_ILJNqHAOC4dcjn1BxYhSwAS04zsV-_kD3pGJxOmYziVaoxNHB2J0Lwgih9Py91Sh1Ei1VkhESsx4c77IVw5POMPulOtGcJYFr31jyMd_Hhj3xYpn_zPBrmuHd-VZdveq-WfjHSZvWJuGlaALGRfZBIcMSKAEAGk1hIapNgdRtNPXNuU3IMP71994Z2ILT7kE2R0drC1Dbr5-NozhDnvbKVzz2y4uJtwGLBaorfQk7WySxaDP5_j_qwyH1KH66qWM0cRlIRaV94D_RDEKXA&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCHJFBgV3eZcbbEtGTiM0PkoOC-A7JntKxXJWil_dwwI23ARABIABglZKggrAHggEXY2EtcHViLTg2NzAyMTI4ODkzNTA1NjDIAQmpAuSln-wSM7I-qAMByAMCqgTDAU_QlkiErhjrE_gKFZQGuXWJJlLK4tBVfr_Oif6X0K_dmiZwvLxzs4n1LxwG0ydeg0lqpXtr00X6VQEvTCk5rVHEdvaD0MQVVXY5tksVpdaC8zNXmiAnH4Lg2rZaMxY9NsbaM9fzcszrgo9-PmSqEs3mMgTOOe8V95BJgqj8YQCE1hF3TUa_p8IIWBZkHl2nJLs0xBuHZE7KaEWj_jDsX4gyfFP_3k8_HWY2kZFJ_xV0-8-QYvXva9NtzQrtcE9neT_kBYAGqpiR3f3Lq8EroAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljCgJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2KG3kRhCiLQfuYpK8zP25j9UN4Bw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
da1ade3e8c604cedac82d169f6fdf4813bf7da19d152ee1c11066e47e31d514b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
Origin
https://ads.eu.criteo.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 29 Jul 2021 10:27:15 GMT
server
nginx
cross-origin-embedder-policy
require-corp
etag
W/"61028283-10ec0"
content-type
text/plain; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=31104000, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 21 Feb 2025 22:09:06 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20240221&jk=1126258489724534&bg=!OjmlOXbNAAZ3BdUuVwU7ADQBe5WfOA2NeBu5l0RYD3-Sv-nA-0FR0I9l6J1pPDoqdAhwFbqNEywdU1YKccbr3MO0tXKOAgAAADtSAAAAAmgBB5kDBrkzWUP5uZUZpzLv4AOUm0emg61WdNSAjANSWXDf40PfgLxtFtpNUh-R6I2wPeU7V_L0jJNrkKkbaZx8sZOaIgxzSjDFzMxvkHMwhmXh9tY0vYoiiqE2zAAOUFnntYBV5lxWAYypT9NUijuV3QZolT3v861oyWwuhza2XlnLWXJ0LOJToG1t6MoDMOSLhcA9F5ggpw9-RscV0zp8FWToba8Nm8MjLwjZ0aN8D8F9L8LZyTepV7t7k2LcPMCjUEIcIOQEIx4FDrtVr37FK5-O8D9BeJfZTTkjeOg7oH8qF0gyNvXd9zAbDvnBq8myEig2PCQk41rbtOyC3xd2qfQ_ElLgb57EIDJ6pMIF8ay5XiS0IEQpYf7rBW1Q3jgm90WjaOfORsvtMHL11e3eUgK2QZ5kSzjNpelUpsOELx-dLkrWH1wP13P0NYDBWQZ2mS4z0DMIUtW3Flsl6xpcYf6tO7-E2fgqdV5zwgwgbuBQ8BBqS8f4y83RM9_2tRqN7oSh4L3IUeoR7H-xa3Vv2iAIeNEWnvGwwus5urY8ipI3fRS0hjUMrF0RR2qGG7r_frtCXRu-HwXNd6yUEJ3zIlSv5GnN6ZO9J1uXlJ_Oaa8phR6wUzZLqdYQGgZ74oFXeRvYVc4lMObFaiFy1yF8r7aJv9aHPNKM7A0MMylLyCMpJGgm_-d_h_kdX4USS2xRGxs58CS4w6wINU8UqOdIt5lobVNuEQ2hr3sdcbGws8ISQPQqpVt8YjvEHhK7mwpmxy5DToae4Jghu22BagBZ8KlA7vr6eVD0yBTuV_39jrJAMQ6mWlpeW3nrcBwl0mQ6iC9tnGYwcpDH7Pgq2K1CzCRrjRkY08FiK6-uEOebtO1KoZZ1N1tcf8LLvyvKhv88qFZFbdFtiQacBfV2xm5dYNG0lrmP8ubTrTZ_qoe7E3-x4M_ra_wYgOehI3Tk57Xbvh83Ef9M1IOZygXthPnH70rXMdVivbm7Aq4DLrKEV-iBcV2pIUADngPsxj4dMXYkZOx_R95NhU01Nw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tr.ipshu.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers
globs-zh-cn-df9c8d5f.js
chat.tongchaba.com/assets/ Frame 9EDB 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/assets/globs-zh-cn-df9c8d5f.js
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/assets/index-d1f50981.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
9269da2a1c81dd451db7c034af39657e53803d3b9e9dd8dfad7d336e899d4a50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://chat.tongchaba.com/assets/index-d1f50981.js
Origin
https://chat.tongchaba.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 19 Dec 2023 08:02:55 GMT
server
nginx
etag
"65814e2f-537"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
1335
expires
Wed, 28 Feb 2024 10:09:06 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 7D27 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuwriujXPUdij4cNx_XQUFfrVLA5Fj1jAJ5eXFUtmiD_mAXE9fDZ_t1zvoYL8fXO-nslfBGq0p09TFvjUNlyJuDFSPmoT9TytoOeamDoxB4XUV7MxQdCIi4PFUUpthL9zZtUa2SRMI7W0Y&sig=Cg0ArKJSzDYBOsbeFqG5EAE&id=lidar2&mcvt=1000&p=0,0,280,1200&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20240222&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2479671159&rs=2&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&vs=4&r=v&co=500454500&rst=1709071745280&rpt=413&met=ie&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=8&io2=0
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/activeview/current/ufs_web_display.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Feb 2024 22:09:06 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
font_3135462_5axiswmtpj.css
at.alicdn.com/t/ Frame 9EDB 		750 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://at.alicdn.com/t/font_3135462_5axiswmtpj.css
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/assets/index-d1f50981.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2404:2280:1cc:0:715::3fb , Singapore, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software
Tengine /
Resource Hash
8cbb3e51f45cd2fee3cd15e9b536d427c8d3317cafa79579838e0a375e88307d

Request headers

Referer
https://chat.tongchaba.com/
Origin
https://chat.tongchaba.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Mon, 29 Jan 2024 07:46:22 GMT
via
cache9.l2de2[0,2,200-0,H], cache20.l2de2[3,0], ens-cache8.de5[0,0,200-0,H], ens-cache7.de5[1,0]
x-oss-request-id
65B757CE9A18D63638498DC2
content-md5
UWJmoRrWvH/F9xf5kmWznw==
age
2557364
x-swift-cachetime
62883020
x-cache
HIT TCP_MEM_HIT dirn:12:409901253
x-swift-savetime
Wed, 31 Jan 2024 12:16:02 GMT
content-length
750
x-oss-object-type
Normal
last-modified
Sat, 15 Jan 2022 06:41:58 GMT
server
Tengine
etag
"516266A11AD6BC7FC5F717F99265B39F"
vary
Origin
ali-swift-global-savetime
1706514382
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=63072000
x-oss-storage-class
Standard
accept-ranges
bytes
timing-allow-origin
*
x-oss-hash-crc64ecma
7422678705305456007
eagleid
a3b55c9b17090717468572611e
x-oss-server-time
1
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ Frame 9EDB 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/assets/index-d1f50981.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://chat.tongchaba.com/
Origin
https://chat.tongchaba.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1725451
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=85Ew9mxZOWoY2aGUnsUhtfke%2BWcuJIJBr1UarmEOOxPrvz4C8%2B09DUiFOM09VdG9Rqru8E03bOUpL7SX7AcnfXAoGDCg7ElWmFGVM8fU0CiMeLV3Pn5Xi0axN%2FelggldVdUyiK0MJOEsdW%2BFBbqbAo6g"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
85c3c011ac1b9162-FRA
expires
Sun, 16 Feb 2025 22:09:06 GMT
zh-cn-572d9e7d.js
chat.tongchaba.com/assets/ Frame 9EDB 		256 B
469 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/assets/zh-cn-572d9e7d.js
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/assets/index-d1f50981.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
30717266454ec6c4168bf9a54e3454aa9a10d3a4577d8f82603949ebca32484f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://chat.tongchaba.com/assets/index-d1f50981.js
Origin
https://chat.tongchaba.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 19 Dec 2023 08:02:55 GMT
server
nginx
etag
"65814e2f-100"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
256
expires
Wed, 28 Feb 2024 10:09:06 GMT
chat-27a286ec.js
chat.tongchaba.com/assets/ Frame 9EDB 		6 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/assets/chat-27a286ec.js
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/assets/index-d1f50981.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
c40c7a571948daaa4d1973feef4358e9518ff3fa5fba3cd8ec575d5631333bd7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://chat.tongchaba.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 19 Dec 2023 08:02:55 GMT
server
nginx
etag
"65814e2f-18c5"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
6341
expires
Wed, 28 Feb 2024 10:09:06 GMT
index.vue_vue_type_script_setup_true_lang-b4d4ea7f.js
chat.tongchaba.com/assets/ Frame 9EDB 		382 B
595 B 		Script
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/assets/index.vue_vue_type_script_setup_true_lang-b4d4ea7f.js
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/assets/index-d1f50981.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
51bf65b4772fe740a57f6e52aa6742d9243d11cc1d34b2293552dedd6e4d9dcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
Origin
https://chat.tongchaba.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36

Response headers

date
Tue, 27 Feb 2024 22:09:06 GMT
strict-transport-security
max-age=31536000
last-modified
Tue, 19 Dec 2023 08:02:55 GMT
server
nginx
etag
"65814e2f-17e"
content-type
application/javascript
cache-control
max-age=43200
accept-ranges
bytes
content-length
382
expires
Wed, 28 Feb 2024 10:09:06 GMT
all
csm.eu.criteo.net/ Frame 3573 		0
127 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csm.eu.criteo.net/all?cppv=3&cpp=jNGM3_Lz9coQFugHnMHQFZ9m6VQzktL7Y-jJYzL3cJbMK65G6Hml8is6Gmbydg2u0mTvYGB0Gmq176_2I8cji6uSoFpNEhedI2TS-Xa75lxzYWrN8vl_Hqbqlrebxr4EBTU-lmasRkzkTbsXQOIJ9A8t2viFwmQLvXjvItaQiR6RoiBKNejCAKToI5k0UczRMzTLYkx-Q9kSD9gyGabTMjhUw8C3ukOkK7liIZUTuCmkSS9aQsY3aJX5prqEINl2LKgPPA&sds=2&rev=90787.5&sendBeacon=true
Requested by
Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Zd5dgQAEyrwDogqkAAkxbNkDTdGN7LE3FygFXw&u=%7CIEY60eQRgzDz3cy4f8rgXmyRFMzQlHEwQ%2FK0K9Tx3VA%3D%7C&c1=jWCgqsKSUoWKRvDssmEQ3dRte9oWhU873PslWXxlgwqyDsvBp4X-0QD3WoDqftjeOi_RL70L9wdIgFiWtf74X9gC7xxZEHJZkZIuZAdrqJ1eh5KAMftgRxNkvNU_EVeEMAxLYargRPlxJzlFGIvilIQiDr9HxClud5myBzPapSkP_H-nMonB1X2kzbY5z9QYf0B2C3CKW2nWLgURnbO0WWpLVGg8BrB6MtETfkcDxWvSroGBP83ZZ3FnjuBBeq-Rvf4n3gc5bmua4gF1G6b2Hn5TC_cC_YTHG-mG9qD2kVtidaDjQP_V5R7aRlTzGCJymERCizmxM0Bu4czkwahafFHiiScemxvawaDWr_f1J2JOadwL25r-6KzZsR-j6WNn7w3Rbku6nESVIy8xXsix4c3mnaTmfVX_-Sc-XCDbY1MLrWeTbDo7SBGv2YZEnCkhrI2ltXxPRySpPGJbNQjEpv0CqepdUtl3X_NVGva-6PFgy3HNxw-fN1QCf7tG1JxWTUOOD_6EC5_XtgbdrFuCnAIjfWCkTIKBWj9Am1fNKk1d8mImNW56msT0RrNAFopy4I9Pofe3YHhweTUttbhIwBByplKTHwSMjn57qUFdEbYiL0ki88sqAG_oqnN33H3B5ChuwPq3is-FXFr6jVHVFGGzlg8P3y5A&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC3hTxgV3eZbyVE6SViM0P7OKkqAXJntKxXLWY49aTAcCNtwEQASAAYJWSoIKwB4IBF2NhLXB1Yi04NjcwMjEyODg5MzUwNTYwyAEJqQLkpZ_sEjOyPqgDAcgDAqoEwgFP0B3RA-0fFqOZcM8Yl3kG2Opo-DzX4pWXeXiNcU3b2XxGgF2DQjWNduzd75norm0TyNjPTQp5UKCorZsHUAK3QX5i2C8qjsAVaQKZqSmYp69HAh_TR6WTHI1CQjUQSLXBHVDyX2XFd5RJ70eVEEc_CUlyWPWJSGV4WyurRMZ-QIDcvfICBznf-12ikiBTKZxv4ysO1CB2RGw48VOVeR27UQXTq8voXJxoer3PINPCyfsanxdIlyu8uXZ7naPlGV8bA4AG4aKT4KOmwOAEoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAqgHrb6xAtgHANIIJwiR4YBwEAEyBeuLgIAgOgmAQICAgICAlAhIvf3BOljRxJiyxMyEA_oLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2N8OfgqgfCKPrb8GBSWad_iwXppw%26client%3Dca-pub-8670212889350560%26adurl%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Finatra /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.eu.criteo.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Tue, 27 Feb 2024 22:09:06 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Finatra
content-length
0
chat_init
chat.tongchaba.com/api/chat/ Frame 9EDB 		627 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://chat.tongchaba.com/api/chat/chat_init
Requested by
Host: chat.tongchaba.com
URL: https://chat.tongchaba.com/assets/index-d1f50981.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
115.28.212.167 Qingdao, China, ASN37963 (ALIBABA-CN-NET Hangzhou Alibaba Advertising Co.,Ltd., CN),
Reverse DNS
server-aliyun-jinjie-ecs-0.jamesqi.com
Software
nginx /
Resource Hash
6fd13d041a7a521dda357b336565698f2ecdf9c4bdd96c4efbde93d2fe6b1547
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept
application/json, text/plain, */*
Referer
https://chat.tongchaba.com/
think-lang
zh-cn
server
true
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.6261.69 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Feb 2024 22:09:07 GMT
strict-transport-security
max-age=31536000
x-rate-limit-limit
0
server
nginx
x-rate-limit-remaining
0
access-control-max-age
1800
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://chat.tongchaba.com
x-rate-limit-reset
0
access-control-allow-credentials
true
access-control-allow-headers
think-lang, server, ba-user-token, batoken, Authorization, Content-Type, If-Match, If-Modified-Since, If-None-Match, If-Unmodified-Since, X-CSRF-TOKEN, X-Requested-With

Verdicts & Comments Add Verdict or Comment

63 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| __cfQR object| __cfBeacon function| gtag object| dataLayer string| language object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_tag_data object| google_reactive_ads_global_state object| adsbygoogle object| google_sa_queue function| google_process_slots object| google_ama_state function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter object| google_tag_manager function| $ function| jQuery string| google_user_agent_client_hint object| googletag function| onYouTubeIframeAPIReady object| gaGlobal function| getrequesturl function| getipaddress function| getcomment function| ClipboardJS object| chatbaseConfig boolean| __cfRLUnblockHandlers function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages function| embedChatbaseChatbot object| GoogleGcLKhOms object| google_llp object| googTempStyleOverrideInfo object| googNavStack object| googFloatingToolbarManager object| google_pso_loaded_fonts function| AFMA_AddEventListener function| AFMA_RemoveEventListener function| AFMA_AddObserver function| AFMA_RemoveObserver function| AFMA_ReceiveMessage function| AFMA_SendMessage object| AFMA_Communicator

3 Cookies

Domain/Path Name / Value
.ipshu.com/ Name: _ga
Value: GA1.1.1472469700.1709071745
.ipshu.com/ Name: __eoi
Value: ID=cf4d31a2868736e9:T=1709071745:RT=1709071745:S=AA-AfjZya4u9Gn5jMOnx-fFx0sHj
.ipshu.com/ Name: _ga_NFGF51SSN3
Value: GS1.1.1709071745.1.0.1709071745.60.0.0

1 Console Messages

Source Level URL
Text
other warning URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8670212889350560&output=html&h=280&slotname=5232981891&adk=2479671159&adf=2913177901&pi=t.ma~as.5232981891&w=1200&fwrn=4&fwrnh=100&lmt=1708666804&rafmt=1&format=1200x280&url=https%3A%2F%2Ftr.ipshu.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1709071745148&bpp=1&bdt=1004&idt=129&shv=r20240221&mjsv=m202402210101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=5945038737496&frm=20&pv=1&ga_vid=1472469700.1709071745&ga_sid=1709071745&ga_hid=1163903255&ga_fc=1&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=95&ady=467&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31081349%2C44785294%2C95325069%2C95323761%2C95324161%2C95326437&oid=2&pvsid=1126258489724534&tmod=52869811&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEe%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=132
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
at.alicdn.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
chat.tongchaba.com
csm.eu.criteo.net
en.ipshu.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
region1.analytics.google.com
rtb.nl3.eu.criteo.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tr.ipshu.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.26.2.98
104.26.3.98
115.28.212.167
178.250.1.6
2001:4860:4802:34::36
2404:2280:1cc:0:715::3fb
2606:4700::6810:3865
2606:4700::6811:190e
2a00:1450:4001:806::2003
2a00:1450:4001:80b::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:813::2008
2a00:1450:4001:829::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9b
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
013d260aef31b60580fe317c2fb257a9e4ce146d1218102378d91576828d86e2
01ca1c262a8ab2a575339980ccf6960ec893c99a00a52081d7ede108adacab8f
01ee09d4737fa546dbce90c0e3527462179fe7f558a6b74c2a10fb6fcafa8853
068123d4c4589cecb90523791256c9c9277a306172601593fd9b6414420056f3
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aad2b47719e51dc5b8545f17917ce30252d644f09d5bcbf52c5bfd571574b52
1626706afc88d95ebe1173b553ec732c6dc82a576989315fdf5e7779af738a44
1869b1610552dcaa3e180091c863aa0738dc601656aef92c568bade57032bf36
1be58ac66106f8f26b344b506dbca6968b96606a5bb9f89dac5678dfaf9522ff
1e16d425a18476980d542028decba232be9a0a6fe80e507c199ec3e35a5db573
23cbfad8728a2ba2e170cd58f607dfde8cf08b02a8762861328db1a61a914b48
25b47186a3d8d000d926efcd15043fccf642b766f02cd76240f59235654384a7
2af78d1405ae71773b00dd832220b3497121ae09af33c94ff6cc89718c9a19b2
2c4ca5df2081d2a45f0d96b673e7d99ced36138a9142f2b334dba00590bcfb6e
2dc96c6096e1af6af485d9964b65e7a4267d3e08779b206154a52742535b75b5
30717266454ec6c4168bf9a54e3454aa9a10d3a4577d8f82603949ebca32484f
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
333f13f2d393946ceb2d500c1a1a7f43ad330225b85962026bc8d877f8f67420
400a785b0121cf9395a13a0c75c5947e7844e7052ec9ad8b4e15ef1d1db9205b
41d2526e9c4595fc1fc747555bda18a041033a863a9b2ed180e7b5836918facd
45a2a8f6b11ee5652e134b0b6c7a48998958fee91631161ca970676eed798643
47ce859f7f0f545825c8ab983547bbf88d0de3f52afebc7a1ccc0611661df70d
4801001de69f4090b0d621edc8d59a10e7dc51e832e82904b7a0538696aa2e05
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
51bf65b4772fe740a57f6e52aa6742d9243d11cc1d34b2293552dedd6e4d9dcd
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5731223d418781cacce3c66f5440003ca1ada422b45c2aa51c313274e25fb042
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5efd17aa9600929f5517878dd267b6fdfeca37478d6987b5d75caec4f1e4b1a8
6153d13804862b0fc1c016cf1129f34cb7c6185f2cf4bf1a3a862eecdab50101
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
628752823728c98087a38cb07a2db44eb34acdc7e8d69d1e84281ed774eade67
62d6ac650803454ea6edb7a79abe391bf6d4d7846f9c7524d8ecd756e640527d
6f5322d394927ffe454d7c930f3db649db0c1d9426e51ed8971638a0e96798f2
6fd13d041a7a521dda357b336565698f2ecdf9c4bdd96c4efbde93d2fe6b1547
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
72fa4dcf3a98c6fd3a25b46d7f16291d7d4e52385909bf3be91025fac876567e
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
847aab26e0393eb80a5ebd5b3192c1e71d04a77e11b6a67026c6b362c46bcb4a
89ffe0c0d6f7cd37f600facbcd2f09f40d8f053ffed82144b34ceec97f777de8
8a33861cdc370b2db8442132658b06069640881bc90f369feca9b30c77e5f460
8b1159376dfa69813c0f22eb9354a8535fef7dcf9466c23614883cdcf5191fe0
8cbb3e51f45cd2fee3cd15e9b536d427c8d3317cafa79579838e0a375e88307d
8ead0546c4ac00bbc4f428044cff41dfbcc639ab44a3f3af2c0a7a4e34c7a5dd
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
9269da2a1c81dd451db7c034af39657e53803d3b9e9dd8dfad7d336e899d4a50
979bb9b1aadc56ca36931ca9ce6457a194d4474bf0a8b77fa5961b504900a1d2
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a6d45029c3d7e828fdf87a47f6aa595e42105101d6b7b4209d551c45b172c9da
a6ee58f60c407b083623fdc4586ae66d10f4586920a825a74e26762bc262eefd
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a86d26e0a9759e5d6b482f102d7cade65f3dbe4792972bd59caa9966b9ff568b
a8d2ff13dea89592adbc9bdee4c1a074281ada0f70826c74986e6d36449f67f3
afbbfadb7b853cfb48ee537796b8c7d1fbccd844872378f4a957805198b35723
bb251a47a901a785ad6b2ad92f727b5fa0c57af8944e24b17622a0d8c028c6e7
c40c7a571948daaa4d1973feef4358e9518ff3fa5fba3cd8ec575d5631333bd7
c9ae9286001686b469a251b96dd39bd4089726bb6694a23b7ae5e1c0e1671286
cc17cce5ff6aa9e52ccecc02e7988ad670b765c6b2efc367235b60833100f0f3
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
cd994dce8bea165653624abcb7a12e102c61d1c9e5d011b430617738bd467079
d25d8b3c2a315a4d7c771899bf410bb99d361f56b7cbe3c8c35b49391ea25b6d
d78aa49dd31e96122abe451c577e39b3a5e09393090c91d263b8dda13a547b97
da1ade3e8c604cedac82d169f6fdf4813bf7da19d152ee1c11066e47e31d514b
db02d25f24b2b72ec96e6540ef451ccb8bfbdf9782937cc79547428578f63b98
dd7e36987c0c6f67d63dfbd6156361c7a4d7862b492e26b375b2acaa657f2fd9
dfa3926686ced92134e737a42c6c28951899c44ec2308ea2ec305f79ceafc7eb
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e383cce85d8b462cc82f895a751071fb52398f7404efe4e18ea5216c46652c17
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7afde571c53d192943a40b3b7f109e698bb47e6d6424bc7d1f53a7cb9466360
edd0a6dead210b4097576794e0d845faaf2ab24332f352c24efb74166f745f6b
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efaa0188e97b9c2c5731242b6d8eadbdc2b4fe2882164268d9aa3842ef7fb257
f04b496cdc667175486b3647af64c7beb002f3351f4f13aacd86f63710370cf3
f16ab224bb962910558715c82f58c10c3ed20f153ddfaa199029f141b5b0255c
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
faaf6e8d4ce67496f0a2dd3bd00fed70e2b4b59276d88acc3c9b3b2807f138f3
fc1ef266d44e50168fc09c5d1b8dc510215b0ce6c8032e004482525e252b7a6c