donpress.com Open in urlscan Pro
148.251.159.186 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://donpress.com/
Submission: On January 05 via api (January 5th 2023, 5:26:52 am UTC) from TR — Scanned from DE

Summary HTTP 104 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 26 IPs in 6 countries across 17 domains to perform 104 HTTP transactions. The main IP is 148.251.159.186, located in Germany and belongs to HETZNER-AS, DE. The main domain is donpress.com.
TLS certificate: Issued by R3 on November 17th 2022. Valid for: 3 months.

This is the only time donpress.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
25	148.251.159.186 148.251.159.186	24940 (HETZNER-AS) (HETZNER-AS)
7	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
3	2606:4700:10:... 2606:4700:10::6816:46c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.187.81.41 185.187.81.41	43332 (IDSTRATEG...) (IDSTRATEGY-AS)
2	2a00:1450:400... 2a00:1450:4001:806::200a	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:36::178	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:828::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::b 2a02:2638::b	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.160 178.250.0.160	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
104	26

25 148.251.159.186 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.159.251.148.clients.your-server.de

donpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:10::6816:46c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.187.81.41 (Ukraine)

ASN43332 (IDSTRATEGY-AS, UA)

s.zmctrack.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:36::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:828::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::b (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.160 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
28	criteo.net static.criteo.net — Cisco Umbrella Rank: 743 pix.eu.criteo.net — Cisco Umbrella Rank: 5392 csm.eu.criteo.net — Cisco Umbrella Rank: 5670	263 KB
25	donpress.com donpress.com	1 MB
14	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 145 tpc.googlesyndication.com — Cisco Umbrella Rank: 187	222 KB
7	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 stats.g.doubleclick.net — Cisco Umbrella Rank: 179	25 KB
6	criteo.com rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 9945 ads.eu.criteo.com — Cisco Umbrella Rank: 5530 rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 11057 cat.fr.eu.criteo.com — Cisco Umbrella Rank: 7028	93 KB
5	gstatic.com fonts.gstatic.com	67 KB
3	addtoany.com static.addtoany.com — Cisco Umbrella Rank: 4857	28 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	95 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 142 www.google.com — Cisco Umbrella Rank: 16	2 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173	89 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	2 KB
1	google.de adservice.google.de — Cisco Umbrella Rank: 5450	792 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 1011	695 B
1	zmctrack.net s.zmctrack.net — Cisco Umbrella Rank: 136229
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	43 KB
104	17

	Domain	Requested by
25	donpress.com	donpress.com
16	static.criteo.net	ads.eu.criteo.com
9	pix.eu.criteo.net	ads.eu.criteo.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	pagead2.googlesyndication.com	donpress.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
5	fonts.gstatic.com	fonts.googleapis.com
3	csm.eu.criteo.net	ads.eu.criteo.com
3	static.addtoany.com	donpress.com static.addtoany.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.fr.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	donpress.com connect.facebook.net
2	fonts.googleapis.com	donpress.com cdnjs.cloudflare.com
1	www.google.com	tpc.googlesyndication.com
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	googleads.g.doubleclick.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	s.zmctrack.net	donpress.com
1	www.googletagmanager.com	donpress.com
104	25

This site contains links to these domains. Also see Links.

Domain
t.me
www.youtube.com
www.facebook.com
www.google.com
twitter.com
vk.com

Subject Issuer	Validity	Valid
donpress.com R3	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-04` - `2023-06-03`	a year	crt.sh
s.zmctrack.net Sectigo RSA Domain Validation Secure Server CA	`2022-04-20` - `2023-04-25`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-14` - `2023-01-12`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-19` - `2023-03-24`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-22` - `2023-03-26`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-12-07` - `2023-03-12`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-08` - `2023-02-04`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-01` - `2023-02-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh

This page contains 11 frames:

Primary Page: https://donpress.com/
Frame ID: 6996A8DA79256462785E97812CFF3040
Requests: 47 HTTP requests in this frame

Frame: https://s.zmctrack.net/z
Frame ID: 1A6DE5625C29BD18BA463F54590EDC62
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html
Frame ID: 1EF67A8BAFBCEF1496E06513F3D6BD12
Requests: 1 HTTP requests in this frame

Frame: https://static.addtoany.com/menu/sm.24.html
Frame ID: EE1F20FAC70B76B76640CE223B44B191
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&adk=1812271804&adf=3025194257&lmt=1672858633&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fdonpress.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406890&bpp=4&bdt=152&idt=233&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1119565076999&frm=20&pv=2&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=263
Frame ID: 5064112D014F629EE791DA4C553E707E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179
Frame ID: 778BB335D0D135967D6590AB87DD2E9A
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=2819269942&adf=609818460&pi=t.ma~as.3685009526&w=485&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=485x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896407039&bpp=3&bdt=301&idt=148&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C734x280&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4xrI3oeqcO&p=https%3A//donpress.com&dtd=153
Frame ID: 37757F1228D0C6B5DAD01E0537491E31
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZflwADQQUK4DWLAAOdvx-bpU9Dn4pBTznjxg&u=%7CYzETS3je%2B3sKS5OPEnfzgeFnfnkrbnCTZAlrIqEt6nw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkMNeCeSHZReLtX59hqoNgeBPrYiGwtiIfZ6miszNFYnADnNg6mH75V4mdmAweOawLvYI0KVIqEX1QYwne1ufQhar-5ECd2VjiDAkpvAKYA-j3B5L3PeeGLgktnfPMDk4JgknVNoj4GR7NVhBMwXXDWEbI6TktUfyMZlS53IpwH5xfqg-G8Ag080-69pPsri0CTz_7hGWV7kOP8eDIW4bZa3ymaOk9KvBWN7cqumY0FSiUSyxN4Bk3MaH63uiomjFG6GP9n5Ro2Fr3rdTEuoihjpLjcif5FOABFYXhYcjz38zEIG-JXj1wZrZZBRxFoJv_xlRHn52b7SwvJOZTP2Ae3LYdM-pnR04hBJn4p8PQnFG9k5NSya0u1wtlSMb4gt-LtyJDGcd5lLQYMD0qhvvI9GgTCmUswZ_S9uMlqtxQkpxGHVesV_VEehGJ0H66tM1aZvhuV-531LoOjgmhLHaUCUOx2owdO1U4NnSCtiOsGKheYqPvx7mBZT7vo0KlUsNNPygHEXZSbXwxMqqW-Sum213GyjKsFmvwsqxvxUw03AAu1H-VHLzB6N_TdMz2z0r7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVeAQl1-2Y4WCDYvrgAe_u47wB8me0rFc1fbi1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTQzMTgyMzA0NjYzMzQ1OTHIAQmpAgZhoAiUyrE-qAMBqgTsAU_QwXRzQvIXRaX4jPAHl1XUygnkphQGRaOX5ur0QgbcyL8t7xXG1_TAtke5X5CeF0EoEjBOGHTD1-5a9iUYThZUqodCpenjGUYhNSJrysLGiGTILZ2oYnkCAEJYQk90NNcIfeRxDPIXgjnElbobcfpMoq79jiGk02LN4f3bBNt5NhIzyIdbDXbNe2w2I8OKRLKZKXubJhFaPL-VIZosLE3wTSQBEFIJXaeBiS5lHcn6yrxQrkfGpe2y8zETEcplIW1PUv-Jkew32o3v_KN4dMTVFJb-9zXrjuep0f9swKuz9RFvEDCdzhg08QyDgAbv9by2-rK-04ABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2h04UcxfHCV5aotsLQK2njsdzvgA%26client%3Dca-pub-4318230466334591%26adurl%3D
Frame ID: 2475D09173BC3235D1F070DE871E8DBC
Requests: 17 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZflwAC_k4K4HAQAA5D-_ev9dJ5mNHamm-Dlw&u=%7CYzETS3je%2B3ufwoHCv0JY1jNljiy%2B%2FdxwfTaSjXy0a4c%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkMNeCeSHZReLfxIC2V_PWMrILVmE8rfv2yP1-vCG-N2X6Ev4alzF1Z6BIkpKdgpzalPY0iwtcOb1GgXl2m6dNoQIpXrPKLlyFKp6JtOk2CSTszJqG7550vd0n0-n16A_45OzaTY_QpnA2PCPLmd4oxxjyRc9_yd84uwQwFoWQKab3jhS9rUVGJryxe7XddOzSnxXSoaXX_ts8m968VczSHHwOJgFH_XO0UDMrrU6COINb-h2lMBQ9qj1HtCaiClSkLSNxm4ii6YHM-Eu_P7rN5Dw4Iyuyg_bvE5rGwUOZ7x_1dZQdgTi1b4DvZykfDW97q4W_4fO7_gz08aBgTRMqKkydUfG3orUoUCZ6USxnrFxGty17jitnPUsq94oTdbnsVDz5GjABawLfH8nlvQogR453rRKXRBNomWIRlUw4Jqm08nY7buVyCgLjfkuQcveRRPd2Nisi8dHFZlLwa170O9TtzQmdmj_G-2NlXlS6AH-8XxufMqiE8CrclKwcr0RxSx8yL_j3hahV--e_DB1XML0WSRr0dOef0zXtifK__Y1wDaplXUGUu0H-v7EP1KalQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4oyal1-2Y878C5DggQf7h7mYDsme0rFczeGS93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDMxODIzMDQ2NjMzNDU5McgBCakCBmGgCJTKsT6oAwGqBOYBT9CqCbTJ4JdoppN4baQIyi51FkNfK0LqMrgBzY7UCCMzyo5JrCo51JEEWK0PdWmyuAWQn-nsnBcgObcLENumqR8BvGVRlEMoEZCeH_ed3smw7GEIvimj0JjeANObNreQpzL1m0X0PE2kR6aCGN-QqtHUOUQYz8GkjlL8sxffJSZsYAEnNfHa2NOR0Q1wnuQCnLtlPokfEEXOKeZbNnRFRHJO3YDCD0x1JCZHnYVEl46saOr2UQgofEw1RxtwkXAZosMogbIWbsr-Nt-syiOnPeOWxJgpBObu624GWI2_eoWjeqVXIGCABueJwq6lj9OAfqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rozf6GVslv3j5Rfaspq5G6p0Cbw%26client%3Dca-pub-4318230466334591%26adurl%3D
Frame ID: 49D51B07AEBBF0E1D1CE7ABCA411EB7F
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 1F5B949F7221A3A8FC9A054FDD5CB694
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 63EB09773A59729D37E1CAD895A72679
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

DonPress.com

Detected technologies

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

addtoany\.com/menu/page\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

googleapis\.com/.+webfont

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Page Statistics

104
Requests

100 %
HTTPS

88 %
IPv6

17
Domains

25
Subdomains

26
IPs

6
Countries

2450 kB
Transfer

4186 kB
Size

7
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://t.me/donpress
Title: Канал DonPress в Telegram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/channel/UCNzORnElcyE2myzRLg5JHDQ
Title: Канал DonPress в YouTube

Search URL Search Domain Scan URL

URL: https://www.facebook.com/smi.donpress
Title: Страница DonPress в Facebook

Search URL Search Domain Scan URL

URL: https://www.google.com/+Donpress_com
Title: Страница DonPress в Google+

Search URL Search Domain Scan URL

URL: https://twitter.com/DonPress_com
Title: Страница DonPress в Twitter

Search URL Search Domain Scan URL

URL: https://vk.com/donpress
Title: Страница DonPress в VK

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

104 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
donpress.com/ 106 KB
19 KB 96ms
20ms Document
text/html 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

b84df078ffef5f75e26dccb815a5c171aa52f702385070041a1c3411db0ff3a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=60, public
content-encoding: br
content-language: ru
content-type: text/html; charset=UTF-8
date: Wed, 04 Jan 2023 18:57:14 GMT
etag: W/"1672858633"
expires: Sun, 19 Nov 1978 05:00:00 GMT
last-modified: Wed, 04 Jan 2023 18:57:13 GMT
permissions-policy: interest-cohort=()
server: nginx
vary: Accept-Encoding Cookie
x-content-options: nosniff
x-content-type-options: nosniff
x-drupal-dynamic-cache: MISS
x-frame-options: SAMEORIGIN SAMEORIGIN
x-ua-compatible: IE=edge
x-xss-protection: 1; mode=block

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
49 KB 118ms
94ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0badc1216a43d9dc095fa493328aff3e3d94b3f81192c4d2a50bae0ddc99346a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49681
x-xss-protection: 0
server: cafe
etag: 6499627864906280355
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:26:46 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 109 KB
43 KB 254ms
46ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-50026712-1

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ae3cf037c8379938fccd9d7676c4af44829e20299bf9004a7a2ff4e09f616053

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43654
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 03:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 05 Jan 2023 05:26:46 GMT

GET
H2 200 css_BK4umSdbRLoc6n_w8OuzWAgVGSxLdthjshHHJ8JtV9A.css
donpress.com/files/css/ 11 KB
3 KB 7ms
7ms Stylesheet
text/css 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://donpress.com/files/css/css_BK4umSdbRLoc6n_w8OuzWAgVGSxLdthjshHHJ8JtV9A.css

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

04ae2e99275b44ba1cea7ff0f0ebb3580815192c4b76d863b211c727c26d57d0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: br
last-modified: Wed, 04 Jan 2023 15:56:23 GMT
server: nginx
x-content-options: nosniff
etag: W/"63b5a1a7-2bbf"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:46 GMT

GET
H2 200 css_qGU5NGGye5fbIuWFivs3vGY-uEqX5Pc1S-kqfWF-LVo.css
donpress.com/files/css/ 318 KB
48 KB 15ms
14ms Stylesheet
text/css 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://donpress.com/files/css/css_qGU5NGGye5fbIuWFivs3vGY-uEqX5Pc1S-kqfWF-LVo.css

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

a865393461b27b97db22e5858afb37bc663eb84a97e4f7354be92a7d617e2d5a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: br
last-modified: Wed, 04 Jan 2023 15:56:05 GMT
server: nginx
x-content-options: nosniff
etag: W/"63b5a195-4f820"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:46 GMT

GET
H2 200 logo.svg
donpress.com/themes/custom/dpt/ 4 KB
2 KB 23ms
23ms Image
image/svg+xml 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/themes/custom/dpt/logo.svg

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

46d8bc72a4cfb0bc2555ce67399826e59244fffc05e87d8f611d25dad88c7754

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: br
last-modified: Fri, 05 Mar 2021 19:52:17 GMT
server: nginx
x-content-options: nosniff
etag: W/"60428bf1-f84"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:46 GMT

GET
H2 200 nahuy.png
donpress.com/files/inline-images/ 212 KB
212 KB 24ms
23ms Image
image/png 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/inline-images/nahuy.png

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

dc7017932f464a2d20ccb431f616619eec6b9f2bee09db90d2f1e1abe6fabd58

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
last-modified: Mon, 28 Feb 2022 09:43:20 GMT
server: nginx
x-content-options: nosniff
etag: "621c9938-34f40"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 216896
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:46 GMT

GET
H2 200 js_mxfXsOg1sGVKudLHop-WcTaN67stHHnf33jzBuPcNus.js Show response
donpress.com/files/js/ 179 KB
55 KB 14ms
13ms Script
application/javascript 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://donpress.com/files/js/js_mxfXsOg1sGVKudLHop-WcTaN67stHHnf33jzBuPcNus.js

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

9b17d7b0e835b0654ab9d2c7a29f9671368debbb2d1c79dfdf78f306e3dc36eb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: br
last-modified: Wed, 04 Jan 2023 15:56:08 GMT
server: nginx
x-content-options: nosniff
etag: W/"63b5a198-2ca4a"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:46 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 3 KB
2 KB 41ms
16ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5592b1f799f3bff73a1b1d87deb4a32a820db0e2dd4a561050c7f1d27116d9a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 163021
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Nov 2022 08:09:18 GMT
server: cloudflare
etag: W/"c04-5ee0ab04c6251"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=172800
cf-ray: 7849cd0e6bca9bf4-FRA

GET
H2 200 js_tQVPv1vl2PI9dqWVLw62ObEdynOle84glRrxdKkdWkA.js Show response
donpress.com/files/js/ 51 KB
12 KB 23ms
22ms Script
application/javascript 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://donpress.com/files/js/js_tQVPv1vl2PI9dqWVLw62ObEdynOle84glRrxdKkdWkA.js

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

b5054fbf5be5d8f23d76a5952f0eb639b11dca73a57bce20951af174a91d5a40

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: br
last-modified: Wed, 04 Jan 2023 15:56:21 GMT
server: nginx
x-content-options: nosniff
etag: W/"63b5a1a5-cc2e"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:46 GMT

POST
H2 200 z
s.zmctrack.net/ Frame 1A6D 16 B
0 197ms
36ms XHR
text/plain 185.187.81.41
IDSTRATEGY-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.zmctrack.net/z
Requested by: Host: donpress.com
URL: https://donpress.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.187.81.41 , Ukraine, ASN43332 (IDSTRATEGY-AS, UA),
Reverse DNS
Software: openresty /
Resource Hash

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
server: openresty
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://donpress.com
access-control-expose-headers: X-Meta-Request-Id, X-Location, X-Meta-Status, X-Check, X-Cookie
cache-control: no-cache, no-store
x-check: 4a58d48fe9c587fcbd3ce9062ce49b7
access-control-allow-headers: X-Request-Data, X-Headers, X-Url, Accept-Encoding, Accept-Language, Content-Language, Accept, Content-Type, Cookie, Origin, User-Agent
content-length: 16
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
1 KB 176ms
16ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:700

Requested by

Host: donpress.com
URL: https://donpress.com/files/css/css_qGU5NGGye5fbIuWFivs3vGY-uEqX5Pc1S-kqfWF-LVo.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f656f61f0960996ff079230d843f53914b82dc3b665b4ae5c80d1609a66b9501

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 04:51:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 05:26:46 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/ 356 KB
117 KB 83ms
83ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4318230466334591&plah=donpress.com&bust=31071220

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b58bc4453642e053c59ee44f5506e7e44a763357e16315fef367a9382678223e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120015
x-xss-protection: 0
server: cafe
etag: 2638412073166636540
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:26:46 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/ Frame 1EF6 10 KB
5 KB 30ms
7ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4923
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4242
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:04:43 GMT
etag: 10353107486223812946
expires: Thu, 19 Jan 2023 04:04:43 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2
fonts.gstatic.com/s/opensans/v34/ 16 KB
17 KB 36ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4gaVI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 18:51:26 GMT
x-content-type-options: nosniff
age: 210921
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16740
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 18:51:26 GMT

GET
H2 200 memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2
fonts.gstatic.com/s/opensans/v34/ 10 KB
11 KB 36ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsjZ0B4kaVIGxA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 02 Jan 2023 18:51:41 GMT
x-content-type-options: nosniff
age: 210906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10652
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 02 Jan 2024 18:51:41 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/ru_RU/ 3 KB
2 KB 33ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6066e3d2c7e9f81c821472d29e18268b1b895ad44e7b28201de426c56b4a529e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:26:47 GMT
content-md5: hfmt6+uWk9bYPM/5j9fdYA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: DyUwbrqwFhH6HkFmqIDrl0ggaPnG10+8Q0Xiccot4ysjoB2mpQDoqVlWK39bbXxmkGc7zUkWGucMWzPoyKFlYw==
x-fb-trip-id: 917726464
x-fb-content-md5: 24016ee21454af4801b816ce5ec0c923
cross-origin-opener-policy: same-origin-allow-popups
etag: "dc3a5117780d9d44fb555d665575f837"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 05 Jan 2023 05:31:54 GMT

GET
DATA 200
OK truncated
/ 59 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 810284e7c7165d0055169c2715d5f652c132e2ab7439d40d0936ff0e6ba56c99

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 16 KB
16 KB 31ms
18ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuXMRw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 30 Dec 2022 10:01:47 GMT
x-content-type-options: nosniff
age: 501900
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16324
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:08:32 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 30 Dec 2023 10:01:47 GMT

GET
H2 200 materialdesignicons-webfont.woff2
donpress.com/themes/custom/dpt/fonts/ 318 KB
318 KB 9ms
8ms Font
font/woff2 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://donpress.com/themes/custom/dpt/fonts/materialdesignicons-webfont.woff2?v=5.8.55

Requested by

Host: donpress.com
URL: https://donpress.com/files/css/css_qGU5NGGye5fbIuWFivs3vGY-uEqX5Pc1S-kqfWF-LVo.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donpress.com/files/css/css_qGU5NGGye5fbIuWFivs3vGY-uEqX5Pc1S-kqfWF-LVo.css
Origin: https://donpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Mon, 17 May 2021 08:13:52 GMT
server: nginx
x-content-options: nosniff
etag: "60a225c0-4f67c"
x-frame-options: SAMEORIGIN
content-type: font/woff2
accept-ranges: bytes
content-length: 325244
x-xss-protection: 1; mode=block

GET
H2 200 z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2
fonts.gstatic.com/s/opensanscondensed/v23/ 11 KB
11 KB 21ms
19ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensanscondensed/v23/z7NFdQDnbTkabZAIOl9il_O6KJj73e7Ff0GmDuHMR6WR.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans|Open+Sans+Condensed:700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

998691c2c0c408e5cbf98147176c36679708ce66b26b77f3fc30b83fa5bab311

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://donpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 15:08:24 GMT
x-content-type-options: nosniff
age: 397103
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10800
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 18:07:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 15:08:24 GMT

GET
H3 200 sm.24.html Show response
static.addtoany.com/menu/ Frame EE1F 677 B
679 B 29ms
18ms Document
text/html 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/sm.24.html

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 98621
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: max-age=315360000, immutable
cf-cache-status: HIT
cf-ray: 7849cd1069702c6e-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Thu, 05 Jan 2023 05:26:47 GMT
etag: W/"2a5-5edb40e6d10d8"
last-modified: Fri, 18 Nov 2022 00:47:55 GMT
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
via: e2s
x-content-type-options: nosniff

GET
H3 200 core.9b4ec89f.js Show response
static.addtoany.com/menu/modules/ 70 KB
25 KB 29ms
18ms Script
application/javascript 2606:4700:10::6816:46c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/modules/core.9b4ec89f.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:46c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b84b58bc5684e07213ce13351d3bf6b45f8fabc346f45f4a1ea17a4bbafbdd13

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donpress.com/
Origin: https://donpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
via: e4s
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3791783
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-bgj: minify
last-modified: Tue, 22 Nov 2022 08:09:17 GMT
server: cloudflare
etag: W/"117a5-5ee0ab045ab91"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, immutable
cf-ray: 7849cd106b749153-FRA

GET
H3 200 sdk.js Show response
connect.facebook.net/ru_RU/ 307 KB
87 KB 20ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/ru_RU/sdk.js?hash=f6cd4d2ea0561b54f1fe7211e5a4f93e

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/ru_RU/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0525bed80e3c9a3ba30f12b5e77bb2c70a616b742f97f3b13531b3c7fe56099d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://donpress.com/
Origin: https://donpress.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 05:26:47 GMT
content-md5: Y7GoC0gg9+uV68poMM/HNg==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88643
x-fb-rlafr: 0
x-fb-debug: bNiwGCGfCFwV8a0zbXVEqDR0u8PAx1xt6b6/cdhAeGlv3bvcgFjpj3iAeiCU9JJ8D04UxX9j2c8UBlBK6RjRgA==
x-fb-content-md5: b568ea7ccd5b4802fe3cdac2497c143c
cross-origin-opener-policy: same-origin-allow-popups
etag: "e9af7d72872005aba66520781c85e7e7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
priority: u=3,i
expires: Fri, 05 Jan 2024 05:11:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-50026712-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 05 Jan 2023 03:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5763
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 05 Jan 2023 05:50:44 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
695 B 42ms
18ms Script
text/javascript 2a00:1450:4001:806::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=donpress.com&callback=_gfp_s_&client=ca-pub-4318230466334591&gpid_exp=1

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202212060101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-4318230466334591&plah=donpress.com&bust=31071220

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aadc13c0bdcf3978a1b9c4be509fc59b31ef77f90135d930962c727e42af36a2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 251
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 106ms
42ms Script
application/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=donpress.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 46ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=donpress.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5064 0
19 B 82ms
60ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&adk=1812271804&adf=3025194257&lmt=1672858633&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32&plas=236x945_l%7C236x945_r&format=0x0&url=https%3A%2F%2Fdonpress.com%2F&ea=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406890&bpp=4&bdt=152&idt=233&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=1119565076999&frm=20&pv=2&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=263

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:26:47 GMT
expires: Thu, 05 Jan 2023 05:26:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 Screenshot_2_0.jpg
donpress.com/files/styles/lsq/public/images/news/2301/ 28 KB
28 KB 9ms
6ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/lsq/public/images/news/2301/Screenshot_2_0.jpg?itok=pGkLf0zC

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

651c84e1257a60d8162a24782d1797b27c518d9179d7b427568e6b982be68b60

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 13:24:50 GMT
server: nginx
x-content-options: nosniff
etag: "63b57e22-709f"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 28831
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 %D0%A1%D1%82%D1%80%D0%B5%D0%BB%D0%BA%D0%BE%D0%B21_0.png
donpress.com/files/styles/msq/public/images/news/2301/ 210 KB
210 KB 10ms
7ms Image
image/png 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/msq/public/images/news/2301/%D0%A1%D1%82%D1%80%D0%B5%D0%BB%D0%BA%D0%BE%D0%B21_0.png?itok=N7GlUmO9

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

89d262f71be2f1b4ca595536d3d04caaa3cca2420e3d2d8e0a57c22cdc833693

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 13:24:50 GMT
server: nginx
x-content-options: nosniff
etag: "63b57e22-34685"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 214661
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 Screenshot_7.jpg
donpress.com/files/styles/msq/public/images/news/2301/ 15 KB
15 KB 13ms
9ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/msq/public/images/news/2301/Screenshot_7.jpg?itok=GJGgK1Vx

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

a8af32d93ece513c773d600b184e4c423017dd80070fb1e6785cad4303db3659

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 10:59:23 GMT
server: nginx
x-content-options: nosniff
etag: "63b55c0b-3a15"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14869
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 photo_2022-05-23_14-43-01_1.jpg
donpress.com/files/styles/msq/public/images/news/2301/ 12 KB
12 KB 15ms
12ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/msq/public/images/news/2301/photo_2022-05-23_14-43-01_1.jpg?itok=grM7X9kQ

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

b6eeb8a17444f8cad8d55644f6b1be4393bb70891d642fbdf0d61a1cfb621ef3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Tue, 03 Jan 2023 13:16:13 GMT
server: nginx
x-content-options: nosniff
etag: "63b42a9d-2ff1"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12273
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 %D1%81%D0%BC%D0%B5%D1%8E%D1%89%D0%B8%D0%B9%D1%81%D1%8F%20%D0%BF%D1%83%D1%82%D0%B8%D0%BD.jpg
donpress.com/files/styles/msq/public/images/news/2301/ 16 KB
16 KB 17ms
14ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/msq/public/images/news/2301/%D1%81%D0%BC%D0%B5%D1%8E%D1%89%D0%B8%D0%B9%D1%81%D1%8F%20%D0%BF%D1%83%D1%82%D0%B8%D0%BD.jpg?itok=E0tIYQjK

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

3eeb3f8ad2c981acd7f9e6cc3fb4d14e8c26015b80a505c6b6dbb4e480b88b8d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Mon, 02 Jan 2023 10:39:21 GMT
server: nginx
x-content-options: nosniff
etag: "63b2b459-3f93"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16275
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 photo_2022-05-19_19-29-49_0.jpg
donpress.com/files/styles/msq/public/images/news/2301/ 14 KB
15 KB 18ms
15ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/msq/public/images/news/2301/photo_2022-05-19_19-29-49_0.jpg?itok=hskvtPi9

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

2b4f6735d81ced5e77b19c345c39f75f77069dcc7eb01d800786375533480690

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Tue, 03 Jan 2023 18:38:56 GMT
server: nginx
x-content-options: nosniff
etag: "63b47640-398b"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14731
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 31c5ec4e0204dd5b.jpg
donpress.com/files/styles/msq/public/images/news/2301/ 15 KB
16 KB 18ms
16ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/msq/public/images/news/2301/31c5ec4e0204dd5b.jpg?itok=MD3-I9UJ

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

b1990c013956d9344c075893b9926658ff4ed0b7f3d4b5d8ff8f0f09c9a450bb

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Mon, 02 Jan 2023 17:55:04 GMT
server: nginx
x-content-options: nosniff
etag: "63b31a78-3deb"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15851
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 photo_2023-01-02_11-14-37.jpg
donpress.com/files/styles/msq/public/images/news/2301/ 24 KB
24 KB 19ms
17ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/msq/public/images/news/2301/photo_2023-01-02_11-14-37.jpg?itok=_xmV10_U

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

d65d08cdc2610e1569c0c948b7399e34257d7663583ba7bbe0801090f40fe9fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Mon, 02 Jan 2023 12:08:45 GMT
server: nginx
x-content-options: nosniff
etag: "63b2c94d-5f4a"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 24394
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 754598807817476_2.jpg
donpress.com/files/styles/msq/public/images/news/2301/ 30 KB
30 KB 20ms
17ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/msq/public/images/news/2301/754598807817476_2.jpg?itok=zF9ICkhC

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

5a8d26f9ed6a35c09590374ac076cb1de4082873180829016579ffd784b045ba

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 06:33:27 GMT
server: nginx
x-content-options: nosniff
etag: "63b51db7-78b3"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 30899
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 237743_okupant_reuters_1.png
donpress.com/files/styles/mwd/public/images/news/2301/ 181 KB
181 KB 20ms
18ms Image
image/png 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/mwd/public/images/news/2301/237743_okupant_reuters_1.png?itok=WavP59kb

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

74d222b4420c8c0e429355b4d44b79f7bb6b039047131a0d4a0d4e95a05ed4c4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 11:12:11 GMT
server: nginx
x-content-options: nosniff
etag: "63b55f0b-2d3d8"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 185304
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 Screenshot_9.jpg
donpress.com/files/styles/mwd/public/images/news/2301/ 9 KB
10 KB 22ms
20ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/mwd/public/images/news/2301/Screenshot_9.jpg?itok=wT0J0GGs

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

d5660bfa2da431ef42fd30ad9bd6d1ec5f713694fe3d6dd09cc81168d14c14a6

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 11:29:03 GMT
server: nginx
x-content-options: nosniff
etag: "63b562ff-25b3"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 9651
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 %D0%B2%D0%B7%D1%80%D1%8B%D0%B2_8.jpg
donpress.com/files/styles/mwd/public/images/news/2301/ 13 KB
13 KB 23ms
21ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/mwd/public/images/news/2301/%D0%B2%D0%B7%D1%80%D1%8B%D0%B2_8.jpg?itok=4delwHjh

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

75c4eb314abef49671c495d78f46f74c6f2f604006fbd1b4bdaa1692480a6652

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 18:57:17 GMT
server: nginx
x-content-options: nosniff
etag: "63b5cc0d-323c"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12860
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 %D0%A8%D0%B0%D1%85%D0%B8%D0%B4.jpg
donpress.com/files/styles/mwd/public/images/news/2301/ 16 KB
16 KB 23ms
21ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/mwd/public/images/news/2301/%D0%A8%D0%B0%D1%85%D0%B8%D0%B4.jpg?itok=NL0tqeH6

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

080a079d56f1036d7a563855ff75aebf6b1429b40af1d5b23d720e4f2d937040

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 16:52:07 GMT
server: nginx
x-content-options: nosniff
etag: "63b5aeb7-3e66"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 15974
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 %D1%80%D0%BE%D1%81%D0%B8%D1%8F%D0%BD%D0%B5_1.jpg
donpress.com/files/styles/mwd/public/images/news/2301/ 14 KB
14 KB 24ms
22ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/mwd/public/images/news/2301/%D1%80%D0%BE%D1%81%D0%B8%D1%8F%D0%BD%D0%B5_1.jpg?itok=GbtFne0e

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

76fa6a955ed8377b83f4b71a78fe307303f91728b4b06a50dc89d1f28d6a9918

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 16:33:35 GMT
server: nginx
x-content-options: nosniff
etag: "63b5aa5f-3715"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 14101
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 238758_rashka-wal_gettyimagesl_960x380_0.png
donpress.com/files/styles/mwd/public/images/news/2301/ 195 KB
195 KB 24ms
23ms Image
image/png 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/mwd/public/images/news/2301/238758_rashka-wal_gettyimagesl_960x380_0.png?itok=W0TVVrSI

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

b30751260caf714009392e220dc20a21a0c51b3e26ee0b07c68ca1a80d10e166

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 04 Jan 2023 14:37:48 GMT
server: nginx
x-content-options: nosniff
etag: "63b58f3c-30af2"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 199410
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 %D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BC%D1%8F%D1%87_0.jpg
donpress.com/files/styles/mwd/public/images/news/2212/ 13 KB
13 KB 26ms
25ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/mwd/public/images/news/2212/%D1%84%D1%83%D1%82%D0%B1%D0%BE%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BC%D1%8F%D1%87_0.jpg?itok=g51wLq6z

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

20c74c3c64c1dd3a135617a643bfc026d61fbf5718e79e11899d0b66aef49a99

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Mon, 26 Dec 2022 14:22:29 GMT
server: nginx
x-content-options: nosniff
etag: "63a9ae25-3201"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12801
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H2 200 %D0%91%D0%B5%D0%B7%D1%8B%D0%BC%D1%8F%D0%BD%D0%BD%D1%8B%D0%B9_35.jpg
donpress.com/files/styles/mwd/public/images/news/2208/ 12 KB
12 KB 27ms
25ms Image
image/jpeg 148.251.159.186
HETZNER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://donpress.com/files/styles/mwd/public/images/news/2208/%D0%91%D0%B5%D0%B7%D1%8B%D0%BC%D1%8F%D0%BD%D0%BD%D1%8B%D0%B9_35.jpg?itok=ZslimaNa

Requested by

Host: donpress.com
URL: https://donpress.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

148.251.159.186 , Germany, ASN24940 (HETZNER-AS, DE),

Reverse DNS

static.186.159.251.148.clients.your-server.de

Software

nginx /

Resource Hash

cfa283a4cb5bf253bdeaaca7e33169fc1013503104e9ee7cfff4a2dc240cc2fd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
last-modified: Wed, 10 Aug 2022 11:05:25 GMT
server: nginx
x-content-options: nosniff
etag: "62f390f5-2fe2"
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12258
x-xss-protection: 1; mode=block
expires: Sat, 04 Feb 2023 05:26:47 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 778B 23 KB
10 KB 332ms
327ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4de4a2a66862ae6b9ffcc1b49b677d5660bad8aa9b9ac7f40a62e9a275daf05c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9919
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:26:47 GMT
expires: Thu, 05 Jan 2023 05:26:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3775 23 KB
10 KB 179ms
178ms Document
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=2819269942&adf=609818460&pi=t.ma~as.3685009526&w=485&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=485x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896407039&bpp=3&bdt=301&idt=148&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C734x280&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4xrI3oeqcO&p=https%3A//donpress.com&dtd=153

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6d6035b14a28941a9254595ab246b0624b7363aaeff2ce1cb88d7d0cbbd7ded8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9970
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:26:47 GMT
expires: Thu, 05 Jan 2023 05:26:47 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 37ms
16ms XHR
text/plain 2001:4860:4802:36::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&aip=1&a=1547153983&t=pageview&_s=1&dl=https%3A%2F%2Fdonpress.com%2F&ul=en-us&de=UTF-8&dt=DonPress.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAACAAI~&jid=420806336&gjid=1730303777&cid=1540006478.1672896407&tid=UA-50026712-1&_gid=1785736100.1672896407&_r=1&gtm=2oubu0&did=dMDhkMT&gdid=dMDhkMT&npa=1&z=1538091162

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2001:4860:4802:36::178 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://donpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:26:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
436 B 58ms
19ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-50026712-1&cid=1540006478.1672896407&jid=420806336&gjid=1730303777&_gid=1785736100.1672896407&npa=1&_u=YAhAAUAAAAAAACAAI~&z=2065826057

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://donpress.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 05 Jan 2023 05:26:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://donpress.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3775 3 KB
1 KB 32ms
8ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=2819269942&adf=609818460&pi=t.ma~as.3685009526&w=485&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=485x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896407039&bpp=3&bdt=301&idt=148&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C734x280&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4xrI3oeqcO&p=https%3A//donpress.com&dtd=153

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 3775 18 KB
8 KB 31ms
7ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3775 154 KB
48 KB 45ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:26:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 3775 0
0 54ms
53ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C6a68l1-2Y4WCDYvrgAe_u47wB8me0rFc1fbi1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTQzMTgyMzA0NjYzMzQ1OTHIAQmpAgZhoAiUyrE-qAMBqgTpAU_QwXRzQvIXRaX4jPAHl1XUygnkphQGRaOX5ur0QgbcyL8t7xXG1_TAtke5X5CeF0EoEjBOGHTD1-5a9iUYThZUqodCpenjGUYhNSJrysLGiGTILZ2oYnkCAEJYQk90NNcIfeRxDPIXgjnElbobcfpMoq79jiGk02LN4f3bBNt5NhIzyIdbDXbNe2w2I8OKRLKZKXubJhFaPL-VIZosLE3wTSQBEFIJXaeBiS5lHcn6yrxQrkfGpe2y8zETEcplIW1PUr2LsH6wVRH8Qz9s1xTosm734z9dhMmxU0uk_Q1BSg9DCLU3SguLgAbv9by2-rK-04ABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi00MzE4MjMwNDY2MzM0NTkxGAA&sigh=lA0KkaZEGfI&uach_m=[UACH]&cid=CAQSGwDq26N9MzO9TEvr4k2hBK0aQP9kTa7eCK92mhgBIBM

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=2819269942&adf=609818460&pi=t.ma~as.3685009526&w=485&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=485x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896407039&bpp=3&bdt=301&idt=148&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C734x280&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4xrI3oeqcO&p=https%3A//donpress.com&dtd=153
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 05:26:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 05 Jan 2023 05:26:47 GMT

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 3775 0
0 42ms
13ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kNnGEsz6ROUDmAKdg2ICAgAAAIoVQeP3-LG0EJZftmMme4rMPLA6bRHMtgASAAA&wp=Y7ZflwADQQUK4DWLAAOdvx-bpU9Dn4pBTznjxg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 314279
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 2475 139 KB
47 KB 154ms
111ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZflwADQQUK4DWLAAOdvx-bpU9Dn4pBTznjxg&u=%7CYzETS3je%2B3sKS5OPEnfzgeFnfnkrbnCTZAlrIqEt6nw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkMNeCeSHZReLtX59hqoNgeBPrYiGwtiIfZ6miszNFYnADnNg6mH75V4mdmAweOawLvYI0KVIqEX1QYwne1ufQhar-5ECd2VjiDAkpvAKYA-j3B5L3PeeGLgktnfPMDk4JgknVNoj4GR7NVhBMwXXDWEbI6TktUfyMZlS53IpwH5xfqg-G8Ag080-69pPsri0CTz_7hGWV7kOP8eDIW4bZa3ymaOk9KvBWN7cqumY0FSiUSyxN4Bk3MaH63uiomjFG6GP9n5Ro2Fr3rdTEuoihjpLjcif5FOABFYXhYcjz38zEIG-JXj1wZrZZBRxFoJv_xlRHn52b7SwvJOZTP2Ae3LYdM-pnR04hBJn4p8PQnFG9k5NSya0u1wtlSMb4gt-LtyJDGcd5lLQYMD0qhvvI9GgTCmUswZ_S9uMlqtxQkpxGHVesV_VEehGJ0H66tM1aZvhuV-531LoOjgmhLHaUCUOx2owdO1U4NnSCtiOsGKheYqPvx7mBZT7vo0KlUsNNPygHEXZSbXwxMqqW-Sum213GyjKsFmvwsqxvxUw03AAu1H-VHLzB6N_TdMz2z0r7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVeAQl1-2Y4WCDYvrgAe_u47wB8me0rFc1fbi1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTQzMTgyMzA0NjYzMzQ1OTHIAQmpAgZhoAiUyrE-qAMBqgTsAU_QwXRzQvIXRaX4jPAHl1XUygnkphQGRaOX5ur0QgbcyL8t7xXG1_TAtke5X5CeF0EoEjBOGHTD1-5a9iUYThZUqodCpenjGUYhNSJrysLGiGTILZ2oYnkCAEJYQk90NNcIfeRxDPIXgjnElbobcfpMoq79jiGk02LN4f3bBNt5NhIzyIdbDXbNe2w2I8OKRLKZKXubJhFaPL-VIZosLE3wTSQBEFIJXaeBiS5lHcn6yrxQrkfGpe2y8zETEcplIW1PUv-Jkew32o3v_KN4dMTVFJb-9zXrjuep0f9swKuz9RFvEDCdzhg08QyDgAbv9by2-rK-04ABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2h04UcxfHCV5aotsLQK2njsdzvgA%26client%3Dca-pub-4318230466334591%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

9a95dbd6f4a6e3d9758692025877599ef715c71669328eb746a79de5c86894b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:26:46 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=cYRhv9jTZFobtDfJmw4z-djVDJGU6U6lE12DdVsePaQxBfeHKcF3m_WyWGewcUEJGKJQ2KXHHWTlRhsUnxv01iQMfXA5X52KltzdpJnlme74ftdewDV_FneAygdelqq3-QzAOgfebhE3FvSavYhLcKFNiTV7pjGyipHhNNiEIS4RACfseDTcnR9eM_0xpqtb490ZMG49OvROnvypitOLe_I0ze875Cvs9eBd2vwgxur3sDMiWMF4Jx4B7_e46BCFBsQLew"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 90889244
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 3775 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1b2bf5104f7b10149939f26aa764f0eb0441b2cc961b5de382a054f5d3515668

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 778B 3 KB
1 KB 56ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/ Frame 778B 18 KB
7 KB 56ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230103/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 03:49:22 GMT
content-encoding: br
x-content-type-options: nosniff
age: 5845
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7527
x-xss-protection: 0
server: cafe
etag: 8658061406568722807
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 19 Jan 2023 03:49:22 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 778B 154 KB
47 KB 41ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48184
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1672836157132942"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:26:47 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 778B 0
0 53ms
52ms Fetch
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CZjYWl1-2Y878C5DggQf7h7mYDsme0rFczeGS93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDMxODIzMDQ2NjMzNDU5McgBCakCBmGgCJTKsT6oAwGqBOMBT9CqCbTJ4JdoppN4baQIyi51FkNfK0LqMrgBzY7UCCMzyo5JrCo51JEEWK0PdWmyuAWQn-nsnBcgObcLENumqR8BvGVRlEMoEZCeH_ed3smw7GEIvimj0JjeANObNreQpzL1m0X0PE2kR6aCGN-QqtHUOUQYz8GkjlL8sxffJSZsYAEnNfHa2NOR0Q1wnuQCnLtlPokfEEXOKeZbNnRFRHJO3YDCD0x1JCZHnYVEl46saOr2UQgofEw1Rxtw03I4MESnHaGp8t5d5uIKMiqzN1Wc6oCrsC7TTZy5RqGn_y8naRqABueJwq6lj9OAfqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItNDMxODIzMDQ2NjMzNDU5MRgA&sigh=H1FunAes1vQ&uach_m=[UACH]&cid=CAQSGwDq26N9wFGlkaLaDgbYdgdu5F8OplCBWR7cfhgBIBM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 05 Jan 2023 05:26:47 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 778B 0
0 200ms
21ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kPCGD7r5RN4FmAKdg2ICAgAAAIoVQeP3-LG0EJdftmPeuo8PsSMX3tnZgwASAAA&wp=Y7ZflwAC_k4K4HAQAA5D-_ev9dJ5mNHamm-Dlw

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 238688
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 49D5 132 KB
45 KB 102ms
101ms Document
text/html 2a02:2638::b
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZflwAC_k4K4HAQAA5D-_ev9dJ5mNHamm-Dlw&u=%7CYzETS3je%2B3ufwoHCv0JY1jNljiy%2B%2FdxwfTaSjXy0a4c%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkMNeCeSHZReLfxIC2V_PWMrILVmE8rfv2yP1-vCG-N2X6Ev4alzF1Z6BIkpKdgpzalPY0iwtcOb1GgXl2m6dNoQIpXrPKLlyFKp6JtOk2CSTszJqG7550vd0n0-n16A_45OzaTY_QpnA2PCPLmd4oxxjyRc9_yd84uwQwFoWQKab3jhS9rUVGJryxe7XddOzSnxXSoaXX_ts8m968VczSHHwOJgFH_XO0UDMrrU6COINb-h2lMBQ9qj1HtCaiClSkLSNxm4ii6YHM-Eu_P7rN5Dw4Iyuyg_bvE5rGwUOZ7x_1dZQdgTi1b4DvZykfDW97q4W_4fO7_gz08aBgTRMqKkydUfG3orUoUCZ6USxnrFxGty17jitnPUsq94oTdbnsVDz5GjABawLfH8nlvQogR453rRKXRBNomWIRlUw4Jqm08nY7buVyCgLjfkuQcveRRPd2Nisi8dHFZlLwa170O9TtzQmdmj_G-2NlXlS6AH-8XxufMqiE8CrclKwcr0RxSx8yL_j3hahV--e_DB1XML0WSRr0dOef0zXtifK__Y1wDaplXUGUu0H-v7EP1KalQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4oyal1-2Y878C5DggQf7h7mYDsme0rFczeGS93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDMxODIzMDQ2NjMzNDU5McgBCakCBmGgCJTKsT6oAwGqBOYBT9CqCbTJ4JdoppN4baQIyi51FkNfK0LqMrgBzY7UCCMzyo5JrCo51JEEWK0PdWmyuAWQn-nsnBcgObcLENumqR8BvGVRlEMoEZCeH_ed3smw7GEIvimj0JjeANObNreQpzL1m0X0PE2kR6aCGN-QqtHUOUQYz8GkjlL8sxffJSZsYAEnNfHa2NOR0Q1wnuQCnLtlPokfEEXOKeZbNnRFRHJO3YDCD0x1JCZHnYVEl46saOr2UQgofEw1RxtwkXAZosMogbIWbsr-Nt-syiOnPeOWxJgpBObu624GWI2_eoWjeqVXIGCABueJwq6lj9OAfqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rozf6GVslv3j5Rfaspq5G6p0Cbw%26client%3Dca-pub-4318230466334591%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=3613780203&adf=2779282261&pi=t.ma~as.3685009526&w=734&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=734x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896406994&bpp=18&bdt=256&idt=174&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=883&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEe%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=87j41mYr7C&p=https%3A//donpress.com&dtd=179

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::b , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

75db3069f0632974e408ad0aff72f5e7d55344b4ec33b980dcc505d82e4e3b30

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:26:47 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=Wa0GQ9jTZFobtDfJL1P9Mn8yNyz_zVKUC9s8UgfqBvX6jSM6WSTKOcwPbtf7o3sNdVx4TbUNkW4_Z8IqzA2KfjGJCBoiIS5XcTs9jgVMzspDlmFiKh8cXXixm46TzKkmh6laHalNME8f0FwQ90zrLwxtYHHSGcEBXbtJLhMoEYpDeEdKH_b19n7U738wTEiC7uNRYjAHi6PFCNssxN1FA_9rwzfL6J-1JPyhl9_o7Pd7mvCW7tuAfyo42GyxzL0Yx8nvTw"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 80382509
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 2475 2 KB
1 KB 43ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZflwADQQUK4DWLAAOdvx-bpU9Dn4pBTznjxg&u=%7CYzETS3je%2B3sKS5OPEnfzgeFnfnkrbnCTZAlrIqEt6nw%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkMNeCeSHZReLtX59hqoNgeBPrYiGwtiIfZ6miszNFYnADnNg6mH75V4mdmAweOawLvYI0KVIqEX1QYwne1ufQhar-5ECd2VjiDAkpvAKYA-j3B5L3PeeGLgktnfPMDk4JgknVNoj4GR7NVhBMwXXDWEbI6TktUfyMZlS53IpwH5xfqg-G8Ag080-69pPsri0CTz_7hGWV7kOP8eDIW4bZa3ymaOk9KvBWN7cqumY0FSiUSyxN4Bk3MaH63uiomjFG6GP9n5Ro2Fr3rdTEuoihjpLjcif5FOABFYXhYcjz38zEIG-JXj1wZrZZBRxFoJv_xlRHn52b7SwvJOZTP2Ae3LYdM-pnR04hBJn4p8PQnFG9k5NSya0u1wtlSMb4gt-LtyJDGcd5lLQYMD0qhvvI9GgTCmUswZ_S9uMlqtxQkpxGHVesV_VEehGJ0H66tM1aZvhuV-531LoOjgmhLHaUCUOx2owdO1U4NnSCtiOsGKheYqPvx7mBZT7vo0KlUsNNPygHEXZSbXwxMqqW-Sum213GyjKsFmvwsqxvxUw03AAu1H-VHLzB6N_TdMz2z0r7g&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCVeAQl1-2Y4WCDYvrgAe_u47wB8me0rFc1fbi1pMBwI23ARABIABglfrwgYwHggEXY2EtcHViLTQzMTgyMzA0NjYzMzQ1OTHIAQmpAgZhoAiUyrE-qAMBqgTsAU_QwXRzQvIXRaX4jPAHl1XUygnkphQGRaOX5ur0QgbcyL8t7xXG1_TAtke5X5CeF0EoEjBOGHTD1-5a9iUYThZUqodCpenjGUYhNSJrysLGiGTILZ2oYnkCAEJYQk90NNcIfeRxDPIXgjnElbobcfpMoq79jiGk02LN4f3bBNt5NhIzyIdbDXbNe2w2I8OKRLKZKXubJhFaPL-VIZosLE3wTSQBEFIJXaeBiS5lHcn6yrxQrkfGpe2y8zETEcplIW1PUv-Jkew32o3v_KN4dMTVFJb-9zXrjuep0f9swKuz9RFvEDCdzhg08QyDgAbv9by2-rK-04ABoAYhqAemvhuoB5bYG6gHqpuxAqgH_56xAqgH35-xAtgHANIIDwiA4YAQEAEyAqoCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2h04UcxfHCV5aotsLQK2njsdzvgA%26client%3Dca-pub-4318230466334591%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 2475 2 KB
1 KB 43ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 2475 308 B
636 B 51ms
23ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 2475 293 B
621 B 41ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 2475 43 B
348 B 66ms
18ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=nJNsSSE4xjul5fvex-2ZWB97YXtp7VRV1oLXcBN4DWbjlwlXkkatq9rHGhxOXQ6HEkFAoJ4gGf3hG9E780FzHb-5CyCUk9PrrJ3JO3-DRO13qn_QNLTp-VboNiCs2Xv3vimgiMeuk690E4OZpqSU0rMlutqKQzDpNpMGH54t9gSht_AbWD7xMULyUF_zNabDZLrjmVs2qM1Q5guhDgYhwBomD7HZyY1H_LVfdscOSOexkXgtnIXhIGJYO7LGHGjyPglZ6brdN_DHmmJ4edTthAHDEAMtOYuGKfyDdVO2YgN--FCGbToRhQsRIgRTvz27VkQGz-gm3Xnm5uAHXEKRnVVmQ6YaTPd93TClae2sRNxQONTNI7ExscnIigTCgRe3YZz13pC8Te_irie05tNnDS7eJAYVNk4OT7hr8cD_-rKJUN63bmHNhqt6KVH8Yk9NwtMOYg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1876218
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 2475 12 KB
5 KB 45ms
11ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1240655
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5fqJnwiXDSlt88Di05QbyHy4%2BSnKZv8opp5fyBkG1o9VanzLkYgfLUbo559XS8K0WtEZsXV5k4autySftJ9V2xYMOFT9Ei0DLTpe42qbESWnbqnh0Vq%2FT5wdiaQpla0tEcTnaAt6fJ9KX4DYrq5fz%2Bdt"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7849cd137833bbda-FRA
expires: Tue, 26 Dec 2023 05:26:47 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 2475 12 KB
6 KB 18ms
15ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2475 814 B
1 KB 88ms
16ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=18240&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F18240%2F150217%2F837651.jpg&v=3&w=196&s=0IRLVbQRQf74oGWMz-hCfkNq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30323257
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 814
expires: Fri, 22 Dec 2023 04:34:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2475 35 KB
35 KB 118ms
46ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1519820112_VS&v=3&w=400&s=VapbyZpw03L7r50hI8R4Hfjt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

920c8ab4139fb61fc7f75b3a192a3888e84fbf594d663fea9a647ef083e6a1f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 35338
expires: Thu, 05 Jan 2023 05:26:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2475 23 KB
23 KB 106ms
35ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1494610124_VS&v=3&w=400&s=l9lcU_Xr7n_-XyD2OMTVsTJh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b93171560344aaf4bde5addb6386c90f9f446ba7762c500747b7d75d196c29eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 23420
expires: Thu, 05 Jan 2023 05:26:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 2475 33 KB
34 KB 130ms
59ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1491220117_VS_neu&v=3&w=400&s=aopu784gC6NAKRg9F5e_Hjbx&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

b9a122e608ce504e809c0cd8c2cfcb147bf1c311bcf28c9a576f76e8f9567cfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 34196
expires: Thu, 05 Jan 2023 05:26:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 2475 0
128 B 52ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=cYRhv9jTZFobtDfJmw4z-djVDJGU6U6lE12DdVsePaQxBfeHKcF3m_WyWGewcUEJGKJQ2KXHHWTlRhsUnxv01iQMfXA5X52KltzdpJnlme74ftdewDV_FneAygdelqq3-QzAOgfebhE3FvSavYhLcKFNiTV7pjGyipHhNNiEIS4RACfseDTcnR9eM_0xpqtb490ZMG49OvROnvypitOLe_I0ze875Cvs9eBd2vwgxur3sDMiWMF4Jx4B7_e46BCFBsQLew&sds=2&rev=84145&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 2475 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 2475 2 KB
1 KB 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
DATA 200
OK truncated
/ Frame 778B 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0c6ae6c55447c7109641d6307ab316d00c668b8258fd3a4e8425cafdee654748

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 49D5 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=Y7ZflwAC_k4K4HAQAA5D-_ev9dJ5mNHamm-Dlw&u=%7CYzETS3je%2B3ufwoHCv0JY1jNljiy%2B%2FdxwfTaSjXy0a4c%3D%7C&c1=0n2XosTo5clc2Y5hvSIf5mYMGd9qs4qlgkCe6-ijoCRMK1mCmTgIbqIDMD2xRulRs1WR3SMSMjCWyaziM01RkMNeCeSHZReLfxIC2V_PWMrILVmE8rfv2yP1-vCG-N2X6Ev4alzF1Z6BIkpKdgpzalPY0iwtcOb1GgXl2m6dNoQIpXrPKLlyFKp6JtOk2CSTszJqG7550vd0n0-n16A_45OzaTY_QpnA2PCPLmd4oxxjyRc9_yd84uwQwFoWQKab3jhS9rUVGJryxe7XddOzSnxXSoaXX_ts8m968VczSHHwOJgFH_XO0UDMrrU6COINb-h2lMBQ9qj1HtCaiClSkLSNxm4ii6YHM-Eu_P7rN5Dw4Iyuyg_bvE5rGwUOZ7x_1dZQdgTi1b4DvZykfDW97q4W_4fO7_gz08aBgTRMqKkydUfG3orUoUCZ6USxnrFxGty17jitnPUsq94oTdbnsVDz5GjABawLfH8nlvQogR453rRKXRBNomWIRlUw4Jqm08nY7buVyCgLjfkuQcveRRPd2Nisi8dHFZlLwa170O9TtzQmdmj_G-2NlXlS6AH-8XxufMqiE8CrclKwcr0RxSx8yL_j3hahV--e_DB1XML0WSRr0dOef0zXtifK__Y1wDaplXUGUu0H-v7EP1KalQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DC4oyal1-2Y878C5DggQf7h7mYDsme0rFczeGS93DAjbcBEAEgAGCV-vCBjAeCARdjYS1wdWItNDMxODIzMDQ2NjMzNDU5McgBCakCBmGgCJTKsT6oAwGqBOYBT9CqCbTJ4JdoppN4baQIyi51FkNfK0LqMrgBzY7UCCMzyo5JrCo51JEEWK0PdWmyuAWQn-nsnBcgObcLENumqR8BvGVRlEMoEZCeH_ed3smw7GEIvimj0JjeANObNreQpzL1m0X0PE2kR6aCGN-QqtHUOUQYz8GkjlL8sxffJSZsYAEnNfHa2NOR0Q1wnuQCnLtlPokfEEXOKeZbNnRFRHJO3YDCD0x1JCZHnYVEl46saOr2UQgofEw1RxtwkXAZosMogbIWbsr-Nt-syiOnPeOWxJgpBObu624GWI2_eoWjeqVXIGCABueJwq6lj9OAfqAGIagHpr4bqAeW2BuoB6qbsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_1rozf6GVslv3j5Rfaspq5G6p0Cbw%26client%3Dca-pub-4318230466334591%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 49D5 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 49D5 308 B
636 B 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 49D5 293 B
621 B 17ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 lg.php
cat.fr.eu.criteo.com/delivery/ Frame 49D5 43 B
347 B 20ms
20ms Image
image/gif 178.250.0.160
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.fr.eu.criteo.com/delivery/lg.php?cppv=3&cpp=d0MNowdMror1YRvHI9S4kFBm8fdNBbk9r1Rg28Xmjh5RBCBtaCFs1eErds-rw2m2pRTw_zTO92OG0IdUKyqsgLEcQKeCzs3Rs-oFZp1N8gJ5fxeNDh89TrpAGR3kavTRJEXXc5o5uWZOvl8I9prLkAox2NImhdd6pZG3MjIse6x69dOWhhYHQ6saeWl6qJmfg_-5SrbejFaClkjmO79Gt82RwwGNuUTqHQrlYN_-w1yMrnnYOWrThuDLpfmu-gE5Sg1V0JfvHDGAFxHgSP5io5q4_tw0K-lTT2r01dmxq6fFS68dDelNURrtSTOPjHDs8HJtS6FdSIgd5vC5znv4UjiQG26JWBgMb2j4SHI9JrPXagbJwOzneJT0lZHiIjZmc60PSrMQOjPrd5Vi67rHAbbI-H39a8u8rTq1weCqECkj-xCUwf2acsldDiVZD1Hh0oWCrA

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.160 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 2976961
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame 2475 2 KB
564 B 33ms
18ms Stylesheet
text/css 2a00:1450:4001:806::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 05 Jan 2023 03:52:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 05 Jan 2023 05:26:47 GMT

GET
H3 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 49D5 12 KB
5 KB 24ms
13ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1114816
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xYWStL5NHWLtEMiSESeGWx9LRrHgApIttf7TWto8QO3HXWoM%2Fc13EsWDdoJU9q7JhuumLZDil%2F7%2Bn576meM3mOkJ4YgrYJv9fuMWgmSI%2FerAb6vUALGR09CJI6D5rLFpJCntBWyKd6kVYunHPuqh9SCo"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7849cd13d8762bf7-FRA
expires: Tue, 26 Dec 2023 05:26:47 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 49D5 12 KB
6 KB 13ms
13ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 298518a3456b43619d7fb2c3f293120f_solivercase-regularweb.woff
static.criteo.net/design/dt/ Frame 49D5 49 KB
50 KB 42ms
16ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/298518a3456b43619d7fb2c3f293120f_solivercase-regularweb.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

85624a2ec2d80274f3f40dd8c4b7824d48fb9f08985788ddc25710f15b6d134e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 15 Apr 2021 08:05:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6077f3af-c5ac"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 aed2812ef5fe43c0bc2134fc76bda318_solivercase-boldweb.woff
static.criteo.net/design/dt/ Frame 49D5 52 KB
52 KB 65ms
40ms Font
application/octet-stream 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/aed2812ef5fe43c0bc2134fc76bda318_solivercase-boldweb.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

5d4126ca7f3d49c50c515a6caf7df110b9da0d833dce9b82bc36485059d5f8db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 15 Apr 2021 08:05:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6077f3af-ce5c"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49D5 6 KB
6 KB 48ms
45ms Image
image/png 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=556&m=0&partner=3999&q=80&r=0&u=http%3A%2F%2Fstatic.fr.eu.criteo.net%2Fdesign%2Fdt%2F3999%2F220211%2Fe2dac82d2449480f9a3a6eed10563b31_soliver_logo.png&v=3&w=196&s=Cu6Ll8Uxqqr1S86M0Qy6Jcne

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c22693a71099fe8dd4d81691d412211ddf52c49fd0690a4363d2acb53eda868e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29563474
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 5862
expires: Wed, 13 Dec 2023 09:31:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49D5 10 KB
11 KB 58ms
55ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3999&q=80&r=0&u=https%3A%2F%2Fmediastorage.soliver.com%2Fis%2Fimage%2Fsoliver%2F2118178.8650_flat&v=3&w=400&s=pTaJpjSzfZZaB0IcvzZIfPgT&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

c45fe6be930f11fc1f3c5639e8f23888615d9dc0b4da781b74c542aa569b9e59

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10714
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49D5 5 KB
5 KB 37ms
34ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3999&q=80&r=0&u=https%3A%2F%2Fmediastorage.soliver.com%2Fis%2Fimage%2Fsoliver%2F2115528.9999_flat&v=3&w=400&s=PiM_gXrEOnosso-zfD9Ri-dy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

572c25b9ff2b6330127b37bc25ff2c44e675841a6d053521160a9f688586ac6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:46 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 4750
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49D5 19 KB
19 KB 32ms
30ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3999&q=80&r=0&u=https%3A%2F%2Fmediastorage.soliver.com%2Fis%2Fimage%2Fsoliver%2F2118696.84W0_flat&v=3&w=400&s=5q8omJO_y7dsDx3RGH4Aa95G&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

28bc31639b211e4230069e33e1e1bfcc8679e4085f09e91e2ffe07a2ff23a790

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 19060
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 49D5 3 KB
3 KB 19ms
17ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=3999&q=80&r=0&u=https%3A%2F%2Fmediastorage.soliver.com%2Fis%2Fimage%2Fsoliver%2F2118458.9999_flat&v=3&w=400&s=4vFxcTx2eah8lfomffgdUUGc&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

f883bb3d8bceb6d8af1c613dbec22604a02fcc38c09c5bd29e316243c764bce3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=31104000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3298
expires: Sun, 31 Dec 2023 05:26:47 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 49D5 0
127 B 19ms
17ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=Wa0GQ9jTZFobtDfJL1P9Mn8yNyz_zVKUC9s8UgfqBvX6jSM6WSTKOcwPbtf7o3sNdVx4TbUNkW4_Z8IqzA2KfjGJCBoiIS5XcTs9jgVMzspDlmFiKh8cXXixm46TzKkmh6laHalNME8f0FwQ90zrLwxtYHHSGcEBXbtJLhMoEYpDeEdKH_b19n7U738wTEiC7uNRYjAHi6PFCNssxN1FA_9rwzfL6J-1JPyhl9_o7Pd7mvCW7tuAfyo42GyxzL0Yx8nvTw&sds=2&rev=84145&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 05:26:47 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 49D5 2 KB
1 KB 14ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 49D5 2 KB
1 KB 17ms
16ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 31 Dec 2023 05:26:47 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 2475 13 KB
13 KB 24ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400&subset=latin,cyrillic,latin-ext,cyrillic-ext,vietnamese,greek-ext,greek

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sat, 31 Dec 2022 13:30:55 GMT
x-content-type-options: nosniff
age: 402952
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 31 Dec 2023 13:30:55 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 45ms
28ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230103&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d67c21208f3888d60326474cbc4bca2d73bd76302ad91ddd21e7d74d7a019dd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11273
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 05 Jan 2023 05:26:47 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 1F5B 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://donpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3705
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 04:25:02 GMT
expires: Fri, 05 Jan 2024 04:25:02 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 63EB 783 B
1 KB 40ms
17ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24df382f4fc03573bf51fdbdea92e3a3a775473c32567d4b613a12310d6351f7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-UZ5TGNTi-zMK8uJ-YuY7SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://donpress.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-UZ5TGNTi-zMK8uJ-YuY7SA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 05 Jan 2023 05:26:47 GMT
expires: Thu, 05 Jan 2023 05:26:47 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js Show response
pagead2.googlesyndication.com/bg/ Frame 1F5B 36 KB
16 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/JwRg8GnJRbSbwgtubA3x1Twn6jgCPCxSQn9TsX0K1wE.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 04 Jan 2023 03:46:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 92436
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16089
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 04 Jan 2024 03:46:11 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 63EB 0
0 42ms
41ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230103&jk=1994494996848145&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 1F5B 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:828::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?k4ONdw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 05 Jan 2023 05:26:47 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 47ms
46ms Image
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230103&jk=1994494996848145&bg=!qqmlqe3NAAYDMoyoIzI7ACkAdvg8WugeD5DQBe93dIDo22vFrwwrhxXU9Z24T7MV7vp09CgfO9_EcQIAAABSUgAAAANoAQeZAp44F3G_e0-KFuTxgToszjyiAfl2WerbhcJHHVEF_zsVXyJwppDGpXS2UhufVcYess-vy7l-BF3NeMjzJZlYIxEWRv9Z9z4gatAJBuhS0GcdTNsT242R6bA1qhSiiaOsmByTSpLCv2Rbq9FBwkl30lctk6DS49YYYYuyObfAO8ndInabsLLIvqvGap0pawOVUjW6ksJ572a8oEGZgbEBcjds08y1Q8bmkH3CigAcpcXhIwu9LqJreBBDQ8DjuVxS4IhjldrCgoMqwE7KmGUkfKdv5bDlxe0T5kS7zoS9V2XNNSE7GXXkfyvl6JMSeS_2sbdMGHGpaZ5muRcfuTMEmlt4rs09Me6fpBKgJ-c1N_Gdb2kkoTKhw_BghnPCIm3RIzmO3fM1S_C8eBaR5YJb4r5I7Ws11JNwhtOaefu7N1WVsHrGl57pBKrX38YbiyWjob1YQlGwbFcS6juRl1slIonowNQ2imogotJ9Pa0ZlvYaCLGVA5Q_k_ZryR1YUVvBVFxBT04w2YVKDLh8_UG4olHxOtvDpMaOapf2U0heUtns9z9IYJXEuXUIArhCrsMC_54nFGfuVTknqq2R-orRWPC-TewNo4xVz06Bx8842YCw-jAM5IrQf6k7OasU5MXZq3peWv0EvD_OEoQzwKM8KqWCYoaU9W-HdVfjbKuStJKY8acpp6QIx64A8xDr5L1XRgpJuNaq7A2TaW2LOZiCdR8NG5mmnV9WaO4VBvumynC8cBGz3ghCABebRotaaXOWC0wh6iuxVelFYKd0FCQYa0jlEhSm55KF_yvQ5Gyi-IFT1NlRsuoimNXbgB-_P_rttvJwGdcSV5Iaj3lGNfmgnKnbvLHW5AxnSNCXeTO5fZOHvXSMDEVT2_9b01WABjKD
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://donpress.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 778B 42 B
64 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsudbHJLRyDu8eeahOQxuh69FNnTa0OX8b2k2SqCD2Pb2QqGlR35_b8NUJjRyq7OmxoASOLg3YqfZsBrHaK9YayUEuE&sig=Cg0ArKJSzLYiIhKQgxsEEAE&id=lidar2&mcvt=1000&p=0,0,280,734&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230104&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3613780203&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1672896407174&rpt=437&met=ie&wmsd=0&pbe=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 05 Jan 2023 05:26:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 49D5 0
127 B 17ms
16ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 05 Jan 2023 05:26:48 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

76 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.donpress.com/	1970-01-20 18:17:36	Name: _ga Value: GA1.2.1540006478.1672896407
.donpress.com/	1970-01-20 08:43:02	Name: _gid Value: GA1.2.1785736100.1672896407
.donpress.com/	1970-01-20 08:41:36	Name: _gat_gtag_UA_50026712_1 Value: 1
.donpress.com/	1970-01-20 18:03:12	Name: __gads Value: ID=21393316249bf000-229234ddfdda00c5:T=1672896407:RT=1672896407:S=ALNI_MZt12M23l0HmQS_i5nbXtNwjiaSFw
.donpress.com/	1970-01-20 18:03:12	Name: __gpi Value: UID=00000b9d5b1351bc:T=1672896407:RT=1672896407:S=ALNI_MYtQUHRbxfY7TbdUfhHF30Ij4mM3A
.doubleclick.net/	1970-01-20 18:03:12	Name: IDE Value: AHWqTUnYHEY_3uNVKXPW8GW8oCng1iCRMSHUA5ep0CDfhu0FQ6kkVYD8irgRFS4U2Qc
.doubleclick.net/	1970-01-20 08:41:37	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	Message: Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'interest-cohort'.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4318230466334591&output=html&h=280&slotname=3685009526&adk=2819269942&adf=609818460&pi=t.ma~as.3685009526&w=485&fwrn=4&fwrnh=100&lmt=1672858633&rafmt=1&format=485x280&url=https%3A%2F%2Fdonpress.com%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1672896407039&bpp=3&bdt=301&idt=148&shv=r20230103&mjsv=m202212060101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C734x280&nras=1&correlator=1119565076999&frm=20&pv=1&ga_vid=1540006478.1672896407&ga_sid=1672896407&ga_hid=1547153983&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=240&ady=1781&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759842%2C44773809%2C31071220%2C44780792&oid=2&pvsid=1994494996848145&tmod=763170396&uas=0&nvt=1&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoEebr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=4xrI3oeqcO&p=https%3A//donpress.com&dtd=153 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
cat.fr.eu.criteo.com
cdnjs.cloudflare.com
connect.facebook.net
csm.eu.criteo.net
donpress.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
s.zmctrack.net
static.addtoany.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
148.251.159.186
178.250.0.160
185.187.81.41
2001:4860:4802:36::178
2606:4700:10::6816:46c5
2606:4700::6811:190e
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:806::200a
2a00:1450:4001:813::2004
2a00:1450:4001:828::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:830::2002
2a00:1450:400c:c04::9a
2a00:1450:400d:807::2002
2a00:1450:400d:80d::2008
2a02:2638:1::2
2a02:2638:1::3
2a02:2638::2
2a02:2638::21
2a02:2638::b
2a02:2638::c
2a03:2880:f02d:12:face:b00c:0:3
04ae2e99275b44ba1cea7ff0f0ebb3580815192c4b76d863b211c727c26d57d0
0525bed80e3c9a3ba30f12b5e77bb2c70a616b742f97f3b13531b3c7fe56099d
080a079d56f1036d7a563855ff75aebf6b1429b40af1d5b23d720e4f2d937040
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0aa6a7045a55ddcb25bbee4d1edcb864081cf59f7fc9bdc1ada22a32ed4ad3ad
0badc1216a43d9dc095fa493328aff3e3d94b3f81192c4d2a50bae0ddc99346a
0c6ae6c55447c7109641d6307ab316d00c668b8258fd3a4e8425cafdee654748
1b2bf5104f7b10149939f26aa764f0eb0441b2cc961b5de382a054f5d3515668
20c74c3c64c1dd3a135617a643bfc026d61fbf5718e79e11899d0b66aef49a99
2110cce190ab5366863b7d652b06b90ea32ad84d8241b5a492a8dead67594335
24df382f4fc03573bf51fdbdea92e3a3a775473c32567d4b613a12310d6351f7
270460f069c945b49bc20b6e6c0df1d53c27ea38023c2c52427f53b17d0ad701
28bc31639b211e4230069e33e1e1bfcc8679e4085f09e91e2ffe07a2ff23a790
2b4f6735d81ced5e77b19c345c39f75f77069dcc7eb01d800786375533480690
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
3eeb3f8ad2c981acd7f9e6cc3fb4d14e8c26015b80a505c6b6dbb4e480b88b8d
46d8bc72a4cfb0bc2555ce67399826e59244fffc05e87d8f611d25dad88c7754
4de4a2a66862ae6b9ffcc1b49b677d5660bad8aa9b9ac7f40a62e9a275daf05c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5592b1f799f3bff73a1b1d87deb4a32a820db0e2dd4a561050c7f1d27116d9a1
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572c25b9ff2b6330127b37bc25ff2c44e675841a6d053521160a9f688586ac6b
5a4192e762a449dfd6e63bee835e0941627223c9159e8219acdd01881a1ac175
5a8d26f9ed6a35c09590374ac076cb1de4082873180829016579ffd784b045ba
5d4126ca7f3d49c50c515a6caf7df110b9da0d833dce9b82bc36485059d5f8db
6066e3d2c7e9f81c821472d29e18268b1b895ad44e7b28201de426c56b4a529e
619a808802b71dd9406f6988a933d1c3893b39066325988f1256598b644e3c83
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
624b713241704e0993f7d2147c1f1408a8a0df1be297a490bfe8e2b89387ce93
651c84e1257a60d8162a24782d1797b27c518d9179d7b427568e6b982be68b60
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d6035b14a28941a9254595ab246b0624b7363aaeff2ce1cb88d7d0cbbd7ded8
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
727e6a1f4a634d6298af8636fd331912b036b6f7783c771d2e06baeb82e2341e
74d222b4420c8c0e429355b4d44b79f7bb6b039047131a0d4a0d4e95a05ed4c4
75c4eb314abef49671c495d78f46f74c6f2f604006fbd1b4bdaa1692480a6652
75db3069f0632974e408ad0aff72f5e7d55344b4ec33b980dcc505d82e4e3b30
76fa6a955ed8377b83f4b71a78fe307303f91728b4b06a50dc89d1f28d6a9918
810284e7c7165d0055169c2715d5f652c132e2ab7439d40d0936ff0e6ba56c99
85624a2ec2d80274f3f40dd8c4b7824d48fb9f08985788ddc25710f15b6d134e
89d262f71be2f1b4ca595536d3d04caaa3cca2420e3d2d8e0a57c22cdc833693
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
920c8ab4139fb61fc7f75b3a192a3888e84fbf594d663fea9a647ef083e6a1f3
998691c2c0c408e5cbf98147176c36679708ce66b26b77f3fc30b83fa5bab311
9a95dbd6f4a6e3d9758692025877599ef715c71669328eb746a79de5c86894b2
9b17d7b0e835b0654ab9d2c7a29f9671368debbb2d1c79dfdf78f306e3dc36eb
9da238ca619f3bf71312de3c9c913c653941ada56cb5e1601aafb6094ae51cdc
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a865393461b27b97db22e5858afb37bc663eb84a97e4f7354be92a7d617e2d5a
a8af32d93ece513c773d600b184e4c423017dd80070fb1e6785cad4303db3659
aadc13c0bdcf3978a1b9c4be509fc59b31ef77f90135d930962c727e42af36a2
ae3cf037c8379938fccd9d7676c4af44829e20299bf9004a7a2ff4e09f616053
b1990c013956d9344c075893b9926658ff4ed0b7f3d4b5d8ff8f0f09c9a450bb
b30751260caf714009392e220dc20a21a0c51b3e26ee0b07c68ca1a80d10e166
b34551ae25916c460423b82beb8e0675b27f76a9a2908f18286260fbd6de6681
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b5054fbf5be5d8f23d76a5952f0eb639b11dca73a57bce20951af174a91d5a40
b58bc4453642e053c59ee44f5506e7e44a763357e16315fef367a9382678223e
b6eeb8a17444f8cad8d55644f6b1be4393bb70891d642fbdf0d61a1cfb621ef3
b84b58bc5684e07213ce13351d3bf6b45f8fabc346f45f4a1ea17a4bbafbdd13
b84df078ffef5f75e26dccb815a5c171aa52f702385070041a1c3411db0ff3a0
b93171560344aaf4bde5addb6386c90f9f446ba7762c500747b7d75d196c29eb
b9a122e608ce504e809c0cd8c2cfcb147bf1c311bcf28c9a576f76e8f9567cfd
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c22693a71099fe8dd4d81691d412211ddf52c49fd0690a4363d2acb53eda868e
c45fe6be930f11fc1f3c5639e8f23888615d9dc0b4da781b74c542aa569b9e59
cfa283a4cb5bf253bdeaaca7e33169fc1013503104e9ee7cfff4a2dc240cc2fd
d5660bfa2da431ef42fd30ad9bd6d1ec5f713694fe3d6dd09cc81168d14c14a6
d65d08cdc2610e1569c0c948b7399e34257d7663583ba7bbe0801090f40fe9fd
d67c21208f3888d60326474cbc4bca2d73bd76302ad91ddd21e7d74d7a019dd8
da7fba3ca3e0b9cd42a9cd10c7c6ed16d2fdb938174116601cd3d51033c6f490
dc7017932f464a2d20ccb431f616619eec6b9f2bee09db90d2f1e1abe6fabd58
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f656f61f0960996ff079230d843f53914b82dc3b665b4ae5c80d1609a66b9501
f883bb3d8bceb6d8af1c613dbec22604a02fcc38c09c5bd29e316243c764bce3

donpress.com Open in urlscan Pro 148.251.159.186 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

104 Requests

100 %HTTPS

88 %IPv6

17 Domains

25 Subdomains

26 IPs

6 Countries

2450 kBTransfer

4186 kBSize

7 Cookies

6 Outgoing links

Redirected requests

104 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

donpress.com Open in urlscan Pro
148.251.159.186 Public Scan

Screenshot
Live screenshot

Full Image

104
Requests

100 %
HTTPS

88 %
IPv6

17
Domains

25
Subdomains

26
IPs

6
Countries

2450 kB
Transfer

4186 kB
Size

7
Cookies

104 HTTP transactions
3 data transactions