www.notpron.com Open in urlscan Pro
91.203.110.219 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.notpron.com/
Effective URL:
http://www.notpron.com/notpron/
Submission: On November 19 via api (November 19th 2023, 3:05:31 pm UTC) from US — Scanned from DE

Summary HTTP 57 Redirects Behaviour Indicators

Summary

This website contacted 14 IPs in 3 countries across 9 domains to perform 57 HTTP transactions. The main IP is 91.203.110.219, located in Germany and belongs to CLOUDPIT, DE. The main domain is www.notpron.com.

This is the only time www.notpron.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 14	91.203.110.219 91.203.110.219	45012 (CLOUDPIT) (CLOUDPIT)
1	184.24.77.162 184.24.77.162	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
7	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:3::10 2a02:2638:3::10	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::1a 2a02:2638:3::1a	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
57	14

14 91.203.110.219 (Germany) 1 redirects

ASN45012 (CLOUDPIT, DE)
PTR: host219.checkdomain.de

www.notpron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.162 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-162.deploy.static.akamaitechnologies.com

steamcdn-a.akamaihd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:3::10 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::1a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	criteo.net static.criteo.net — Cisco Umbrella Rank: 668 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 10986 csm.eu.criteo.net — Cisco Umbrella Rank: 10557	229 KB
14	notpron.com 1 redirects www.notpron.com	73 KB
11	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 97 tpc.googlesyndication.com — Cisco Umbrella Rank: 149	239 KB
4	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 33	19 KB
3	criteo.com ads.eu.criteo.com — Cisco Umbrella Rank: 10450 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 11552 rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 16925	62 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 212	64 KB
1	akamaihd.net steamcdn-a.akamaihd.net — Cisco Umbrella Rank: 29369	46 KB
0	webmasterpro.de Failed fc.webmasterpro.de Failed
57	9

	Domain	Requested by
14	imageproxy.eu.criteo.net	ads.eu.criteo.com
14	www.notpron.com	1 redirects www.notpron.com
7	static.criteo.net	ads.eu.criteo.com
6	pagead2.googlesyndication.com	www.notpron.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
4	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
1	www.google.com	tpc.googlesyndication.com
1	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
1	csm.eu.criteo.net	ads.eu.criteo.com
1	cat.nl3.eu.criteo.com	ads.eu.criteo.com
1	ads.eu.criteo.com	googleads.g.doubleclick.net
1	www.googletagservices.com	googleads.g.doubleclick.net
1	steamcdn-a.akamaihd.net	www.notpron.com
0	fc.webmasterpro.de Failed	www.notpron.com
57	14

This site contains no links.

Subject Issuer	Validity	Valid
a248.e.akamai.net DigiCert TLS RSA SHA256 2020 CA1	`2023-05-16` - `2024-05-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-29` - `2023-12-23`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-09` - `2024-01-06`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-09-30` - `2023-12-25`	3 months	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-10-17` - `2024-01-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-10-23` - `2024-01-15`	3 months	crt.sh

This page contains 7 frames:

Primary Page: http://www.notpron.com/notpron/
Frame ID: CA5EDF00EBBB26AF8B2CC4D6242EBF5E
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html
Frame ID: AA9A17D12380F05E8E765958AC8713E7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=3545677746&adf=3025194257&pi=t.ma~as.1616044294&w=1200&fwrn=4&lmt=1700406327&rafmt=11&format=1200x200&url=http%3A%2F%2Fwww.notpron.com%2Fnotpron%2F&ea=0&wgl=1&dt=1700406327256&bpp=3&bdt=144&idt=221&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=2374311605530&frm=20&pv=2&ga_vid=466901602.1700406327&ga_sid=1700406327&ga_hid=245583725&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079654%2C44807406%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=1628642918594655&tmod=1709991963&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=241
Frame ID: D6D34BE26C02590FA4205ED0300B4EE6
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&adk=1812271804&adf=1573534164&lmt=1700406327&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=http%3A%2F%2Fwww.notpron.com%2Fnotpron%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=150&asacwct=25&dt=1700406327271&bpp=1&bdt=160&idt=235&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&nras=1&correlator=2374311605530&frm=20&pv=1&ga_vid=466901602.1700406327&ga_sid=1700406327&ga_hid=245583725&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079654%2C44807406%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=1628642918594655&tmod=1709991963&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=242
Frame ID: 9D84011A9AA379BAF28E831D8E33B3EB
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVokNwAH87QK7feUAA2KCQyGj96fD6k3LjZyxw&u=%7CXiZgc4ydBQfsGniNw%2B06eE3uuLK%2BDBqF17nF%2Fshkbuw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWkHfg6v5_O0PoBUniD7pyLo5pC3VV1EXe9JH0NFtge7XiIaaN2lFjDfDuwBl-XZGfLcHScQUeA22uFGtLhScg5OqazuezngfUhIhXOyqCAJc783aw41QgY-sUNiQo6pxgms1gRkRDBAaUtfy5Hucxo3-0j1qsOt89kDo51W1lQHxEXDYZVfp42Q0EBCskRfSdMi_0_AKxcgylGt24NDjNgk4hJIAAHHIxCdhZQgxlHNAOKYnfUu9yUnSLz5eXZ6M41UJ7BDQiJbhDhezvkCM8PPmkB38wBh_dD0qewILeNxiHCT50ii_2EY03HkWLp4CgN0SwW9VNrYur6DET6eLxZlECEG1gjMcIs0l_vXuC13BqwYMoZU4SBnOyUtl6KUX0hwBTIvOqtVzMuxIb2KHZbH2bu4k4CoMiBi3ip-hmjgq3hlWOCRvBqbM2xHYypAm9TWeAqVR7qV6RSE-TeGw7xgirFxRjaLrQ9MCxqBg7Eucqsgkmwgm9xKBpMODJ2Djho0XFE9e3rEQky96qHepR7S-dkoCbOvCClXib83T2rQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyHNFNyRaZbTnH5TvtweJlLb4Bcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NTE5ODIxMjY4NjAxNjjIAQmpAiZpx6wPULI-qAMByAMCqgTQAU_QkKaup1YV-l4GBiaxuA9LiWA8Vfk-wlVGxuze6BOYtznWF7r-f5Ys5TeWu3IhWFcHMyKP9lyGZYMSqcNFQU8zWhlWw1gnfhH-nsAH72AVzJs2IEETz_vR3Ywmga2xTUlN_1IVWU_EAnATwcrWZIyz80oryPsw7MgPR9W_TbnqsvNm06ubNicQYuBpTeX0F5Y_1QrVinck6T0nuZlJM7uyE6IFIlZr6Ej0gNsRLkJaj4wTRK_rJS06wg0CSU8oHJLhysQhiMD7al-hA4bOSgGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0wLuletnLawMX_LKEjvURjP5Qyew%26client%3Dca-pub-3851982126860168%26adurl%3D
Frame ID: 523DCF80A69F72833D1CB86AABC660F1
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: EA5584818B019FBA073C74318CA80F94
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4108375BCD257B781F667FD2F6010C5B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://www.notpron.com/ HTTP 302
http://www.notpron.com/notpron/ Page URL

Page Statistics

57
Requests

74 %
HTTPS

77 %
IPv6

9
Domains

14
Subdomains

14
IPs

3
Countries

732 kB
Transfer

1472 kB
Size

4
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.notpron.com/ HTTP 302
http://www.notpron.com/notpron/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://fc.webmasterpro.de/counter.php?name=DavidM1337&style=none HTTP 301
https://fc.webmasterpro.de/counter.php?name=DavidM1337&style=none

57 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request / Show response
www.notpron.com/notpron/
Redirect Chain

http://www.notpron.com/
http://www.notpron.com/notpron/

8 KB
3 KB

209ms
208ms

Document
text/html

91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 70a8ec1ae20cf4872a469c810a0e92ea5d4588f6bbb2a7a9e8a75392e30e2492

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=3600, public
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3090
Content-Type: text/html; charset=UTF-8
Date: Sun, 19 Nov 2023 15:05:27 GMT
Server: nginx
Vary: Accept-Encoding
X-Robots-Tag: noindex

Redirect headers

Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Date: Sun, 19 Nov 2023 15:05:26 GMT
Location: /notpron/
Server: nginx
Transfer-Encoding: chunked

GET
H/1.1 404
Not Found AC_ActiveX.js
www.notpron.com/Scripts/ 0
0 28ms
27ms Script
text/html 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.notpron.com/Scripts/AC_ActiveX.js
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:27 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET
H/1.1 404
Not Found AC_RunActiveContent.js
www.notpron.com/Scripts/ 0
0 42ms
22ms Script
text/html 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to

Full URL: http://www.notpron.com/Scripts/AC_RunActiveContent.js
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:27 GMT
Content-Encoding: gzip
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: text/html; charset=iso-8859-1

GET

counter.php
fc.webmasterpro.de/
Redirect Chain

http://fc.webmasterpro.de/counter.php?name=DavidM1337&style=none
https://fc.webmasterpro.de/counter.php?name=DavidM1337&style=none

0
0

GET
H/1.1 200
OK logo9.jpg
www.notpron.com/notpron/gfx/ 42 KB
42 KB 42ms
22ms Image
image/jpeg 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/logo9.jpg
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: b68573cb0e3942f0579133a4112b00eceef2dcca5a37e6cdc9224948ac8e8f9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:27 GMT
Last-Modified: Thu, 01 Dec 2011 16:38:07 GMT
Server: nginx
ETag: "4ed7ad6f-a673"
Content-Type: image/jpeg
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 42611

GET
H/1.1 200
OK click.jpg
www.notpron.com/notpron/gfx/ 3 KB
3 KB 53ms
27ms Image
image/jpeg 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/click.jpg
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: a44da1867e8e630a9f049f7dceaa4fd35640be2fda75ddc4575f6bf226ccb3a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:27 GMT
Last-Modified: Fri, 02 Dec 2011 20:23:14 GMT
Server: nginx
ETag: "4ed933b2-bdf"
Content-Type: image/jpeg
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3039

GET
H2 200 header.jpg
steamcdn-a.akamaihd.net/steam/apps/813630/ 46 KB
46 KB 53ms
8ms Image
image/jpeg 184.24.77.162
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://steamcdn-a.akamaihd.net/steam/apps/813630/header.jpg?t=1530810641
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 184.24.77.162 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a184-24-77-162.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 1bca009966e9e32e2ae2bf3a90a196fd68ac0f377982998f9d6ce9440b93e8c5

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
last-modified: Wed, 03 Aug 2022 17:31:48 GMT
server: nginx
etag: "62eab104-b900"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=141714
accept-ranges: bytes
content-length: 47360
expires: Tue, 21 Nov 2023 06:27:21 GMT

GET
H/1.1 200
OK en.gif
www.notpron.com/notpron/gfx/ 630 B
949 B 28ms
27ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/en.gif
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: cacec6a0e5d27a3d8da847abef8cebb7e3a5585eb7193c4e9abf4b8a2a613038

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:27 GMT
Last-Modified: Wed, 19 Aug 2009 13:41:44 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "276-4717ecbb07600"
Content-Type: image/gif
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 630

GET
H/1.1 200
OK de.gif
www.notpron.com/notpron/gfx/ 444 B
763 B 39ms
28ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/de.gif
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: b7b3c739d9512b03d33b1cc737fa17c97255494005a582663b98612ab0ad4aa6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:27 GMT
Last-Modified: Wed, 19 Aug 2009 13:41:44 GMT
Server: nginx
X-Accel-Version: 0.01
ETag: "1bc-4717ecbb07600"
Content-Type: image/gif
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
X-Robots-Tag: noindex
Content-Length: 444

GET
H/1.1 200
OK ch.gif
www.notpron.com/notpron/gfx/ 2 KB
2 KB 42ms
22ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/ch.gif
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: b2d25a73a9e437d755cec5b779a979f57f3ab2de9289efa694d907c38dd0c1c1

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:27 GMT
Last-Modified: Wed, 19 Aug 2009 13:41:44 GMT
Server: nginx
ETag: "4a8c0118-82e"
Content-Type: image/gif
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2094

GET
H/1.1 200
OK cntr.php
www.notpron.com/notpron/hitcntr/ 10 KB
11 KB 34ms
33ms Image
image/png 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/hitcntr/cntr.php
Requested by: Host: www.notpron.com
URL: http://www.notpron.com/notpron/
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: afe150fe9d2953fe967f99e4efffa493235d5e625b06aad82c3d7c52fd02b0b6

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 19 Nov 2023 15:05:27 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: image/png
Cache-Control: no-store, no-cache, must-revalidate, max-age=3600, public
Connection: keep-alive
X-Robots-Tag: noindex
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 151 KB
55 KB 60ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.notpron.com
URL: http://www.notpron.com/notpron/

Protocol

HTTP/1.1

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e969383834e765479518f8d13a32e8b2c8614f5cddad6e39d3f4f11cd632f082

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:27 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 55858
X-XSS-Protection: 0
Server: cafe
ETag: 13393813520344878209
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 19 Nov 2023 15:05:27 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/ 397 KB
134 KB 117ms
73ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3851982126860168&plah=www.notpron.com&bust=31079654

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c14122cb01ce0905ea198b64a76e9fa0c99d241c905e4cecbfe01532754241aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 137188
x-xss-protection: 0
server: cafe
etag: 1869633511981504825
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 19 Nov 2023 15:05:27 GMT

GET
H2 200 zrt_lookup_fy2021.html Show response
googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/ Frame AA9A 9 KB
4 KB 56ms
13ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20231109/r20190131/zrt_lookup_fy2021.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.notpron.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 26719
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4118
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 07:40:08 GMT
etag: 16674218716276178799
expires: Sun, 03 Dec 2023 07:40:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D6D3 36 KB
15 KB 290ms
289ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=3545677746&adf=3025194257&pi=t.ma~as.1616044294&w=1200&fwrn=4&lmt=1700406327&rafmt=11&format=1200x200&url=http%3A%2F%2Fwww.notpron.com%2Fnotpron%2F&ea=0&wgl=1&dt=1700406327256&bpp=3&bdt=144&idt=221&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=2374311605530&frm=20&pv=2&ga_vid=466901602.1700406327&ga_sid=1700406327&ga_hid=245583725&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079654%2C44807406%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=1628642918594655&tmod=1709991963&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=241

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311130101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-3851982126860168&plah=www.notpron.com&bust=31079654

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

622514b2b5e20ec7e62803e01c231955359cebee2b6d842d69262e28142bd4a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.notpron.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 14658
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 15:05:27 GMT
expires: Sun, 19 Nov 2023 15:05:27 GMT
observe-browsing-topics: ?1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9D84 0
19 B 29ms
29ms Document
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&adk=1812271804&adf=1573534164&lmt=1700406327&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=500x540_l%7C500x540_r&format=0x0&url=http%3A%2F%2Fwww.notpron.com%2Fnotpron%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&aslcwct=150&asacwct=25&dt=1700406327271&bpp=1&bdt=160&idt=235&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&prev_fmts=1200x200&nras=1&correlator=2374311605530&frm=20&pv=1&ga_vid=466901602.1700406327&ga_sid=1700406327&ga_hid=245583725&ga_fc=0&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079654%2C44807406%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=1628642918594655&tmod=1709991963&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=2&uci=a!2&fsb=1&dtd=242

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.notpron.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 15:05:27 GMT
expires: Sun, 19 Nov 2023 15:05:27 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D6D3 3 KB
1 KB 69ms
7ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=3545677746&adf=3025194257&pi=t.ma~as.1616044294&w=1200&fwrn=4&lmt=1700406327&rafmt=11&format=1200x200&url=http%3A%2F%2Fwww.notpron.com%2Fnotpron%2F&ea=0&wgl=1&dt=1700406327256&bpp=3&bdt=144&idt=221&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=2374311605530&frm=20&pv=2&ga_vid=466901602.1700406327&ga_sid=1700406327&ga_hid=245583725&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079654%2C44807406%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=1628642918594655&tmod=1709991963&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=241

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:19:40 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17147
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 03 Dec 2023 10:19:40 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/ Frame D6D3 20 KB
9 KB 68ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20231109/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sat, 18 Nov 2023 23:16:58 GMT
content-encoding: br
x-content-type-options: nosniff
age: 56909
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8541
x-xss-protection: 0
server: cafe
etag: 737174102934380276
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Dec 2023 23:16:58 GMT

GET
H2 200 ufs_web_display.js Show response
www.googletagservices.com/activeview/js/current/ Frame D6D3 202 KB
64 KB 151ms
103ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/ufs_web_display.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65070
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1700193896630564"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 19 Nov 2023 15:05:27 GMT

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 523D 216 KB
61 KB 132ms
92ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVokNwAH87QK7feUAA2KCQyGj96fD6k3LjZyxw&u=%7CXiZgc4ydBQfsGniNw%2B06eE3uuLK%2BDBqF17nF%2Fshkbuw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWkHfg6v5_O0PoBUniD7pyLo5pC3VV1EXe9JH0NFtge7XiIaaN2lFjDfDuwBl-XZGfLcHScQUeA22uFGtLhScg5OqazuezngfUhIhXOyqCAJc783aw41QgY-sUNiQo6pxgms1gRkRDBAaUtfy5Hucxo3-0j1qsOt89kDo51W1lQHxEXDYZVfp42Q0EBCskRfSdMi_0_AKxcgylGt24NDjNgk4hJIAAHHIxCdhZQgxlHNAOKYnfUu9yUnSLz5eXZ6M41UJ7BDQiJbhDhezvkCM8PPmkB38wBh_dD0qewILeNxiHCT50ii_2EY03HkWLp4CgN0SwW9VNrYur6DET6eLxZlECEG1gjMcIs0l_vXuC13BqwYMoZU4SBnOyUtl6KUX0hwBTIvOqtVzMuxIb2KHZbH2bu4k4CoMiBi3ip-hmjgq3hlWOCRvBqbM2xHYypAm9TWeAqVR7qV6RSE-TeGw7xgirFxRjaLrQ9MCxqBg7Eucqsgkmwgm9xKBpMODJ2Djho0XFE9e3rEQky96qHepR7S-dkoCbOvCClXib83T2rQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyHNFNyRaZbTnH5TvtweJlLb4Bcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NTE5ODIxMjY4NjAxNjjIAQmpAiZpx6wPULI-qAMByAMCqgTQAU_QkKaup1YV-l4GBiaxuA9LiWA8Vfk-wlVGxuze6BOYtznWF7r-f5Ys5TeWu3IhWFcHMyKP9lyGZYMSqcNFQU8zWhlWw1gnfhH-nsAH72AVzJs2IEETz_vR3Ywmga2xTUlN_1IVWU_EAnATwcrWZIyz80oryPsw7MgPR9W_TbnqsvNm06ubNicQYuBpTeX0F5Y_1QrVinck6T0nuZlJM7uyE6IFIlZr6Ej0gNsRLkJaj4wTRK_rJS06wg0CSU8oHJLhysQhiMD7al-hA4bOSgGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0wLuletnLawMX_LKEjvURjP5Qyew%26client%3Dca-pub-3851982126860168%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

464dca8342bcedc29310dc3e64d4aebc4ee11bc149379825e67ee7aec02a930a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 15:05:27 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=aCZAPVA0flY_eIIlzBkPifFNDY6bnIxPRHmvJqq6HDhHOLYDQwUl0Vlu1HnjQSGvwhXZngkQoYzJ2W8k6a-mv4HSY_0EleWd6cWRtY4vTc2LWAeOOPXEU-OWxTKqKjQdgCJPFciau8_nInXZAuIX0X555Ox0L2HS2iSrdwdHRyhuMuu_KkKODWZTTJBeooq_d0tLhaE9xArdSOE2VayImEf19gSVXKBnQdA9sdv_5um23OT9e9uH8__NZ1KOjnQPOsoUYA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 73695441
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 523D 2 KB
1 KB 42ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZVokNwAH87QK7feUAA2KCQyGj96fD6k3LjZyxw&u=%7CXiZgc4ydBQfsGniNw%2B06eE3uuLK%2BDBqF17nF%2Fshkbuw%3D%7C&c1=d4_i42wbpE2NRhSHxThdXdeadzG9gosNB-Ap14Pg0HmFAf1GHAR2jhV7Kd6SKvkZ2c775jfyZY6fGSNGGFpANWkHfg6v5_O0PoBUniD7pyLo5pC3VV1EXe9JH0NFtge7XiIaaN2lFjDfDuwBl-XZGfLcHScQUeA22uFGtLhScg5OqazuezngfUhIhXOyqCAJc783aw41QgY-sUNiQo6pxgms1gRkRDBAaUtfy5Hucxo3-0j1qsOt89kDo51W1lQHxEXDYZVfp42Q0EBCskRfSdMi_0_AKxcgylGt24NDjNgk4hJIAAHHIxCdhZQgxlHNAOKYnfUu9yUnSLz5eXZ6M41UJ7BDQiJbhDhezvkCM8PPmkB38wBh_dD0qewILeNxiHCT50ii_2EY03HkWLp4CgN0SwW9VNrYur6DET6eLxZlECEG1gjMcIs0l_vXuC13BqwYMoZU4SBnOyUtl6KUX0hwBTIvOqtVzMuxIb2KHZbH2bu4k4CoMiBi3ip-hmjgq3hlWOCRvBqbM2xHYypAm9TWeAqVR7qV6RSE-TeGw7xgirFxRjaLrQ9MCxqBg7Eucqsgkmwgm9xKBpMODJ2Djho0XFE9e3rEQky96qHepR7S-dkoCbOvCClXib83T2rQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCyHNFNyRaZbTnH5TvtweJlLb4Bcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NTE5ODIxMjY4NjAxNjjIAQmpAiZpx6wPULI-qAMByAMCqgTQAU_QkKaup1YV-l4GBiaxuA9LiWA8Vfk-wlVGxuze6BOYtznWF7r-f5Ys5TeWu3IhWFcHMyKP9lyGZYMSqcNFQU8zWhlWw1gnfhH-nsAH72AVzJs2IEETz_vR3Ywmga2xTUlN_1IVWU_EAnATwcrWZIyz80oryPsw7MgPR9W_TbnqsvNm06ubNicQYuBpTeX0F5Y_1QrVinck6T0nuZlJM7uyE6IFIlZr6Ej0gNsRLkJaj4wTRK_rJS06wg0CSU8oHJLhysQhiMD7al-hA4bOSgGABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTr6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0wLuletnLawMX_LKEjvURjP5Qyew%26client%3Dca-pub-3851982126860168%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Nov 2024 15:05:27 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 523D 2 KB
1 KB 41ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Nov 2024 15:05:27 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 523D 308 B
636 B 41ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 13 Nov 2024 15:05:27 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 523D 293 B
621 B 48ms
21ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 13 Nov 2024 15:05:27 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 523D 43 B
348 B 53ms
14ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=ECAuELJJ1NWGcSKhkbfRcEAoML3hrOKynuGCDjXwygCMlxi16RVTz4Y0Hvi3E1T_Y4b7fiWfhWICKNF_ukp_ZsSsgoZChS6LPVa71rleYTPWo8yMTj_B3b0ZqdpfT2ZZZNpsmiOcrqFBeG2dA0uIt05utlv_KnihKYG3l--jj8WrjXf6ywHidBwXui-T6EaK2l4GipeS_axlHIeARb7x5aHc4aXTN9MXg1e-37kVI4QO0bBr0A-L-nJxG3q-9cjI6zXnr6xAme4Av_dQvHEM1y1-xrjRTpheJYqn5gcFMEFscC2bO5nQZGZhXoFrqyX2lLL-FXn2k1iXyTPXe15HYu8ZjrZl_cp9nVCaRY80A8w7zuqzMMgIaOh9knE8pBTXnoGHn7eJNlP_otYUmqYIt_Zpiv0n71Iy_65gXktNLudKl894

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1389495
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
DATA 200
OK truncated
/ Frame D6D3 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f908bbe873162d81924f7dfa9ba753c69c58c548e6bf4fb4dc46a1049f02d0fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 523D 12 KB
6 KB 29ms
24ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Nov 2024 15:05:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 3 KB
3 KB 73ms
44ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=396&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048761%2Fa3f0898f86f64789bbd23c4401ec4120_kare-spassamwohnen-2020-clean-rgb.jpg&v=3&w=196&rid=4&s=1CNibvzYA8iGZZSFxMaO4Ig3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7954fe9614832a5c8356adb849ba452f10b14a1a7b84daa41aaca52207b04a84

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 3078
expires: Fri, 18 Oct 2024 12:21:21 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 28 KB
28 KB 68ms
40ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=1200&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F9292%2F5048761%2F21393a45d2d04d6bbea2d1b316744f92_2023-09-native-ads-strong-man-640x360px.jpg&v=3&w=1200&rid=4&s=wGcMqd2HLx53ehIzq9jTzNfd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

62ade288f2abf7a6aa32dd1342efedc3ae89cd69a61d55011e3ef07881bfcad4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 28872
expires: Fri, 18 Oct 2024 12:21:30 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 10 KB
10 KB 68ms
39ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Ffb3c6521a2f2363dbee02d5c67b1049c48c25e52.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=3lfh2AvOeTr-8bWNCVCMv3Gz&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

61eef6998cff847f974ada3d86a9e0fa78734531127864660c20ccbce845eb20

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10466
expires: Sat, 02 Nov 2024 07:49:48 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 21 KB
22 KB 63ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Ff584d058cca6e5437fb3bc1dc58c03e57fb050ac.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=juC9B3A8X3zZOo5QXCQF8lJu&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

94211a31e7072ed3a7742c5b22452ea41f5eeb5c1a4ed08672b10daae938bf49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21954
expires: Thu, 07 Nov 2024 13:08:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 24 KB
24 KB 56ms
27ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F418c6a4fed5aad0681f64d6c54aac738c909f63c.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=5NloalSo2WuNyQSkerCzzVca&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4ef869b0990045da43f072f0520006bcfd8259f6d1b30d9a9336b6ff363a7626

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 24482
expires: Sat, 02 Nov 2024 06:48:00 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 16 KB
16 KB 50ms
22ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fc48de815c4aec6a77a0ae995589ca4e3695d56ae.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=t4F0Tkcqls-ljZcLffEgjnUO&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f2b17ce65627dea6b8ee787f4e354ff3647aa92bd7653a28a9befc01c25f31ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 16328
expires: Wed, 06 Nov 2024 13:32:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 6 KB
6 KB 34ms
33ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2Fc1ace0e56cf7ca2722f6c8efefa2a1b535d2b088.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=hjNH2eSIo4FRuZWxEf26zPL0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

f280711898dd279348bbdf0fd10d7b22f9d0de316a5597b9cb4e1d8c86c5d3b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 6266
expires: Sat, 02 Nov 2024 09:11:32 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 18 KB
19 KB 32ms
31ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F0b334bdedc8da743bec5ae3f0a8331338407ba53.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=qYpALRUbIO007K072IAegPmH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

b4d7eeeb54041c9306ef387c0a199e55ee854f229629fe603ff76df5805a1382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 18898
expires: Sat, 02 Nov 2024 09:51:43 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 19 KB
19 KB 36ms
35ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F1863b951ebd5739144c828a117eceab02882e30c.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=4gKP3_hDH00NIQMtZjgcEmi-&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e991dedaed602c8720897973b17993c9e3c122d66bb1c835807ec21af9b5886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 19222
expires: Sun, 03 Nov 2024 09:23:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 14 KB
15 KB 41ms
40ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F71c993565b037026d9508a2340ba99fb8cc7038b.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=4QNbs0WRlASg2e8aEBVDWU_N&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

823453fb848eedc9f17d8a2bd41b244fabbd1dbd11f5785ef542837c0dbd6dbc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 14820
expires: Sun, 03 Nov 2024 06:49:05 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 21 KB
21 KB 34ms
34ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F28cdec48592007aeb1404086d89e84e9b0628439.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=CP5g8G4FpyX1ixNSkfHWei_K&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

136abe5a5e2bc44d9d5e0b914b4e89c433c6f26fb969bccc5a4614ca4e345bf9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 21206
expires: Sat, 02 Nov 2024 09:15:27 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 17 KB
17 KB 39ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F3c37db46d03b2c69b7ad9c49afd3f4a86cf1253b.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=-r4rlqrKAP2TZ0eIYX6m81A0&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

543d07cb6950ccf35d16cebe57f5eb15801ea2374235ce766b4c24042894a23d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 17306
expires: Sun, 03 Nov 2024 16:03:02 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 5 KB
6 KB 37ms
37ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F1b1610696a9e2ef619fa9d3c8414475fdae8443f.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=O39DE6lLrcqJnKVPLDzEMpN2&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3f7c358a7bc4811e9a9751a0eaddc6c0d423b2271937014ca0ebd1a9217b67ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 5488
expires: Sat, 02 Nov 2024 11:38:04 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 523D 10 KB
10 KB 38ms
38ms Image
image/webp 2a02:2638:3::10
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=9292&q=80&r=0&u=https%3A%2F%2Fcdn.karestatic.com%2Fproduct-image%2F12adcd3568ff77ffdb191341b93f5d0a67b79326.jpg%3Fio%3Dtrue%26canvas%3D1%3A1%26width%3D1024&v=3&w=800&rid=4&s=1dUATj3M_uipSqfoMAj2erbk&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::10 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7c4a04c2bc2bed05978de0b99cd155bf3d297a21ce323b9a374b21b967838234

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
timing-allow-origin: *
content-length: 10394
expires: Thu, 10 Oct 2024 07:13:28 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 523D 0
128 B 40ms
13ms Ping
text/plain 2a02:2638:3::1a
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=aCZAPVA0flY_eIIlzBkPifFNDY6bnIxPRHmvJqq6HDhHOLYDQwUl0Vlu1HnjQSGvwhXZngkQoYzJ2W8k6a-mv4HSY_0EleWd6cWRtY4vTc2LWAeOOPXEU-OWxTKqKjQdgCJPFciau8_nInXZAuIX0X555Ox0L2HS2iSrdwdHRyhuMuu_KkKODWZTTJBeooq_d0tLhaE9xArdSOE2VayImEf19gSVXKBnQdA9sdv_5um23OT9e9uH8__NZ1KOjnQPOsoUYA&sds=2&rev=89278&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::1a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 523D 2 KB
1 KB 14ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Nov 2024 15:05:27 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 523D 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 13 Nov 2024 15:05:27 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame D6D3 0
23 B 51ms
50ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7D9rNyRaZbTnH5TvtweJlLb4Bcme0rFc1fbi1pMBwI23ARABIABgleKQgqAHggEXY2EtcHViLTM4NTE5ODIxMjY4NjAxNjjIAQmpAiZpx6wPULI-qAMByAMCqgTNAU_QkKaup1YV-l4GBiaxuA9LiWA8Vfk-wlVGxuze6BOYtznWF7r-f5Ys5TeWu3IhWFcHMyKP9lyGZYMSqcNFQU8zWhlWw1gnfhH-nsAH72AVzJs2IEETz_vR3Ywmga2xTUlN_1IVWU_EAnATwcrWZIyz80oryPsw7MgPR9W_TbnqsvNm06ubNicQYuBpTeX0F5Y_1QrVinck6T0nuZlJM7uyE6IFIlZrqkrVEluC_n_8X6vJyI8CgSMdyLsIZ1eqqFrcbDaeluzj8pU1I2-ABrbKkt-fqNqelgGgBiGoB6a-G6gHltgbqAeqm7ECqAeDrbECqAf_nrECqAffn7EC2AcA0ggUCIDhgBAQATICqgI6AoBASL39wTqACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMzg1MTk4MjEyNjg2MDE2OBgA&sigh=VOrhw3B8I5Y&uach_m=[UACH]&cid=CAQSTgDICaaNuCSxFEQLU4l7OZFjF7Vus6QoDlzHYZxfg5jBh9vDuSlEDrAVtNEaTcylSo8msVumyKdkhpEuKw6Uxk-qt7tocB2OphR08hsEzhgB&cbvp=2&vis=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=3545677746&adf=3025194257&pi=t.ma~as.1616044294&w=1200&fwrn=4&lmt=1700406327&rafmt=11&format=1200x200&url=http%3A%2F%2Fwww.notpron.com%2Fnotpron%2F&ea=0&wgl=1&dt=1700406327256&bpp=3&bdt=144&idt=221&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=2374311605530&frm=20&pv=2&ga_vid=466901602.1700406327&ga_sid=1700406327&ga_hid=245583725&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079654%2C44807406%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=1628642918594655&tmod=1709991963&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=241
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 19 Nov 2023 15:05:28 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 19 Nov 2023 15:05:28 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame D6D3 0
126 B 51ms
14ms Image
text/plain 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=kMHZGMz6RLAJyAGdg2ICAgAAAFmWP7FlT7RgEDckWmWu3MjK4ZAn4IOvAAASAAAKCkFRVURBUUVCQVE&wp=ZVokNwAH87QK7feUAA2KCQyGj96fD6k3LjZyxw&cbvp=2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:27 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 177925
server: Kestrel
content-length: 0

GET
H/1.1 200
OK en2.gif
www.notpron.com/notpron/gfx/ 1 KB
2 KB 23ms
23ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/en2.gif
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 438aff17b56e5afabbb66d340d23aa803e55a65f66fec1f0b87efe0840cbd710

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:28 GMT
Last-Modified: Wed, 19 Aug 2009 13:41:39 GMT
Server: nginx
ETag: "4a8c0113-585"
Content-Type: image/gif
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1413

GET
H/1.1 200
OK de2.gif
www.notpron.com/notpron/gfx/ 2 KB
2 KB 29ms
29ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/de2.gif
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: add8fd9119982dd48929d9bde9e0216671832a400a1cd396ba95a3f5a7f09322

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:28 GMT
Last-Modified: Wed, 19 Aug 2009 13:41:40 GMT
Server: nginx
ETag: "4a8c0114-6f9"
Content-Type: image/gif
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1785

GET
H/1.1 200
OK ch2.gif
www.notpron.com/notpron/gfx/ 2 KB
3 KB 24ms
23ms Image
image/gif 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/ch2.gif
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: d9cb173d6bc06ea48d792075cfcd94765ea3c17edf3d0c7a2ddd8f68d1a9ee32

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:28 GMT
Last-Modified: Wed, 19 Aug 2009 13:41:41 GMT
Server: nginx
ETag: "4a8c0115-8f3"
Content-Type: image/gif
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2291

GET
H/1.1 200
OK click2.jpg
www.notpron.com/notpron/gfx/ 3 KB
3 KB 23ms
23ms Image
image/jpeg 91.203.110.219
CLOUDPIT

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://www.notpron.com/notpron/gfx/click2.jpg
Protocol: HTTP/1.1
Server: 91.203.110.219 , Germany, ASN45012 (CLOUDPIT, DE),
Reverse DNS: host219.checkdomain.de
Software: nginx /
Resource Hash: 4c5c55d6256af3b2dabc99ec109cd54789fe0380310e13bd42611aa977cb3bad

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/notpron/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Date: Sun, 19 Nov 2023 15:05:28 GMT
Last-Modified: Fri, 02 Dec 2011 20:23:14 GMT
Server: nginx
ETag: "4ed933b2-bd2"
Content-Type: image/jpeg
Cache-Control: max-age=3600, public
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3026

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 69ms
55ms XHR
application/json 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20231109&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ece27c4fc6fce0bf2466eb09279c6fcc519f6a4cea1d57e4aebb3a3d18c447f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12319
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 19 Nov 2023 15:05:28 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame EA55 13 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://www.notpron.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 17148
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 10:19:40 GMT
expires: Mon, 18 Nov 2024 10:19:40 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4108 829 B
1 KB 39ms
17ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

66f67f157cbcad67a908324e7f8b7c9b960ed0e9f6c0c6d84d0b07f8d6f5cf97

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-x4VNQVDeHTjFwXUjk08rDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://www.notpron.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-security-policy: script-src 'report-sample' 'nonce-x4VNQVDeHTjFwXUjk08rDA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 19 Nov 2023 15:05:28 GMT
expires: Sun, 19 Nov 2023 15:05:28 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js Show response
pagead2.googlesyndication.com/bg/ Frame EA55 39 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/GOa2ZK97xVqw-WOSDw2lqG4V8l_qTiI5JNj0tnI6N88.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 10:17:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17251
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15296
x-xss-protection: 0
last-modified: Mon, 06 Nov 2023 16:38:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 18 Nov 2024 10:17:57 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4108 0
0 150ms
150ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20231109&jk=1628642918594655&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame EA55 0
10 B 6ms
6ms Image
text/plain 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?gV7HKA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

date: Sun, 19 Nov 2023 15:05:28 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 157ms
156ms Image
text/html 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20231109&jk=1628642918594655&bg=!RkWlRQrNAAZxrfrxUa07ADQBe5WfOPst8S7L97G-abIJll1pYmLAXmsDo_XNudqVtEb35AsSnp_bi4IthE54bv6jkM9YAgAAAEpSAAAABWgBB5kCvfeUl1rwjJ8cU1CtyyPepyDGb8ooFsuzZqzpXJzdLvrf7XMOfaaVHrY9HQyivi32HvkKWtoCNw5CNwM-Bm9eHdTLSBGeLhdZHP3Qw16VC3GIxJABcWYsdGIePp9mScpngvhJoeLb6r3MiNygXn8O6HdEuh4RYoyjw-lhEK6Kt5plvPMtng2KVgu1NWp2P2SK7RG7-rrhFeAeWqt1andWbzl1taR_SPEGUrg_rXZ30Hwpaf83v2KVavXkXsWHmdRr91jcKVCAFONUVUJlNrFwI-WB_HP_-r_ScfQ9MOqa1D1SIHeNT0XrrBP5-dgFrGSOdEEQLGbZXPxHBcO5kJ6cqdv0Hl8r3aIU5_eXO91DKrB42pCzoJQycmAZRCFb5f76fBmzedOzj0kJXLCBEq8KuWDqfkfeSjsGn21Y2UtnyC1m4YPwO2b7MnWulKqkHP-iQPNcNNxlP3BOFGY7t1J1dnbFqrLKx0KJvWM1GuQdazQNpphGYboc4SVsa6ZLB7XDBm4TljgRZd_M5YEsufRUFrYuBmrUivqznewyLzao4EK9DI7KuXiIj3N7-L2fN9maBM5Hf-Rgw4K7UCiQABULViuZbZk2L2t5VJawHsaeaCj56RAFUWXA8hCEeOjMUpAUMST8kXe9ZHo1amIlaXZFk3DvYFt3S_8vawDKGbxQJmnZP9c-uUUuvt6Yy3pEwHUswEeOzTTXdvURzZMUbz6apUwNDsGR8wB5rtuCrmgpyl1HGYRA8TE5PrwcjwmGAbwXISaIU6S8KIXTKN1Ml1Er6642UdobEFoYoXwCSZWY0N9c0dmZjtTSky5jAhkn9o__RBDz6V1ZiJW97qekSYiQQ6mE2s2q3WHN59aVXcs-d_vDdm7fr09CmcC_fo_q2HY1qWXECbg5uoMgp7sfZLjoffWBcyfDI7gq3yoIj8vT
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://www.notpron.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.159 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: fc.webmasterpro.de
URL: https://fc.webmasterpro.de/counter.php?name=DavidM1337&style=none

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

4 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.notpron.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: aaa87622168130ab46e76507847679cc
.notpron.com/	1970-01-21 01:41:42	Name: __gads Value: ID=667a0cc1e95c008d:T=1700406327:RT=1700406327:S=ALNI_MZL3VQABlKMHGJ0mMlasMSMpzSKjg
.notpron.com/	1970-01-21 01:41:42	Name: __gpi Value: UID=00000cddb5e0155f:T=1700406327:RT=1700406327:S=ALNI_MZTB7nMbT9fZ7mAUhgI5ygltGREww
.doubleclick.net/	1970-01-21 01:41:42	Name: IDE Value: AHWqTUkpE582zc0rMcKkOh2St18H4YzoHPpHeYj81izfHYf-PpFigPHKGKA70bN-wno

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: http://www.notpron.com/Scripts/AC_ActiveX.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: http://www.notpron.com/Scripts/AC_RunActiveContent.js Message: Failed to load resource: the server responded with a status of 404 (Not Found)
network	error	URL: https://fc.webmasterpro.de/counter.php?name=DavidM1337&style=none Message: Failed to load resource: net::ERR_BLOCKED_BY_RESPONSE.NotSameOrigin
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-3851982126860168&output=html&h=200&slotname=1616044294&adk=3545677746&adf=3025194257&pi=t.ma~as.1616044294&w=1200&fwrn=4&lmt=1700406327&rafmt=11&format=1200x200&url=http%3A%2F%2Fwww.notpron.com%2Fnotpron%2F&ea=0&wgl=1&dt=1700406327256&bpp=3&bdt=144&idt=221&shv=r20231109&mjsv=m202311130101&ptt=9&saldr=aa&abxe=1&correlator=2374311605530&frm=20&pv=2&ga_vid=466901602.1700406327&ga_sid=1700406327&ga_hid=245583725&ga_fc=0&rplot=4&u_tz=60&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=200&ady=1312&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C44809316%2C31078301%2C31079654%2C44807406%2C44807763%2C44808149%2C44808284%2C44809056&oid=2&pvsid=1628642918594655&tmod=1709991963&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CEebr%7C&abl=CS&pfx=0&fu=128&bc=23&ifi=1&uci=a!1&btvi=1&fsb=1&dtd=241 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
cat.nl3.eu.criteo.com
csm.eu.criteo.net
fc.webmasterpro.de
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
rtb.nl3.eu.criteo.com
static.criteo.net
steamcdn-a.akamaihd.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.notpron.com
fc.webmasterpro.de
178.250.1.6
184.24.77.162
2a00:1450:4001:800::2001
2a00:1450:4001:802::2004
2a00:1450:4001:80f::2002
2a00:1450:4001:813::2002
2a00:1450:4001:827::2002
2a02:2638:3::10
2a02:2638:3::12
2a02:2638:3::1a
2a02:2638:3::3
2a02:2638:3::9
91.203.110.219
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
136abe5a5e2bc44d9d5e0b914b4e89c433c6f26fb969bccc5a4614ca4e345bf9
18e6b664af7bc55ab0f963920f0da5a86e15f25fea4e223924d8f4b6723a37cf
1bca009966e9e32e2ae2bf3a90a196fd68ac0f377982998f9d6ce9440b93e8c5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3c30eaaa059a466037880c18c01c2fe94183d8e67eaab42061d4d2a180114658
3f7c358a7bc4811e9a9751a0eaddc6c0d423b2271937014ca0ebd1a9217b67ee
438aff17b56e5afabbb66d340d23aa803e55a65f66fec1f0b87efe0840cbd710
464dca8342bcedc29310dc3e64d4aebc4ee11bc149379825e67ee7aec02a930a
4c5c55d6256af3b2dabc99ec109cd54789fe0380310e13bd42611aa977cb3bad
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e991dedaed602c8720897973b17993c9e3c122d66bb1c835807ec21af9b5886
4ef869b0990045da43f072f0520006bcfd8259f6d1b30d9a9336b6ff363a7626
543d07cb6950ccf35d16cebe57f5eb15801ea2374235ce766b4c24042894a23d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61eef6998cff847f974ada3d86a9e0fa78734531127864660c20ccbce845eb20
622514b2b5e20ec7e62803e01c231955359cebee2b6d842d69262e28142bd4a6
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
62ade288f2abf7a6aa32dd1342efedc3ae89cd69a61d55011e3ef07881bfcad4
66f67f157cbcad67a908324e7f8b7c9b960ed0e9f6c0c6d84d0b07f8d6f5cf97
70a8ec1ae20cf4872a469c810a0e92ea5d4588f6bbb2a7a9e8a75392e30e2492
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7954fe9614832a5c8356adb849ba452f10b14a1a7b84daa41aaca52207b04a84
7c4a04c2bc2bed05978de0b99cd155bf3d297a21ce323b9a374b21b967838234
823453fb848eedc9f17d8a2bd41b244fabbd1dbd11f5785ef542837c0dbd6dbc
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
94211a31e7072ed3a7742c5b22452ea41f5eeb5c1a4ed08672b10daae938bf49
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a44da1867e8e630a9f049f7dceaa4fd35640be2fda75ddc4575f6bf226ccb3a3
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
add8fd9119982dd48929d9bde9e0216671832a400a1cd396ba95a3f5a7f09322
afe150fe9d2953fe967f99e4efffa493235d5e625b06aad82c3d7c52fd02b0b6
b2d25a73a9e437d755cec5b779a979f57f3ab2de9289efa694d907c38dd0c1c1
b4d7eeeb54041c9306ef387c0a199e55ee854f229629fe603ff76df5805a1382
b68573cb0e3942f0579133a4112b00eceef2dcca5a37e6cdc9224948ac8e8f9e
b7b3c739d9512b03d33b1cc737fa17c97255494005a582663b98612ab0ad4aa6
c14122cb01ce0905ea198b64a76e9fa0c99d241c905e4cecbfe01532754241aa
cacec6a0e5d27a3d8da847abef8cebb7e3a5585eb7193c4e9abf4b8a2a613038
d00881661ce5e766ce98430f69d6d217ab80bdfa98811e039afc92a327d57a68
d9cb173d6bc06ea48d792075cfcd94765ea3c17edf3d0c7a2ddd8f68d1a9ee32
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e969383834e765479518f8d13a32e8b2c8614f5cddad6e39d3f4f11cd632f082
ece27c4fc6fce0bf2466eb09279c6fcc519f6a4cea1d57e4aebb3a3d18c447f8
f280711898dd279348bbdf0fd10d7b22f9d0de316a5597b9cb4e1d8c86c5d3b2
f2b17ce65627dea6b8ee787f4e354ff3647aa92bd7653a28a9befc01c25f31ff
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
f908bbe873162d81924f7dfa9ba753c69c58c548e6bf4fb4dc46a1049f02d0fb

www.notpron.com Open in urlscan Pro 91.203.110.219 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Page Statistics

57 Requests

74 %HTTPS

77 %IPv6

9 Domains

14 Subdomains

14 IPs

3 Countries

732 kBTransfer

1472 kBSize

4 Cookies

0 Outgoing links

Page URL History

Redirected requests

57 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.notpron.com Open in urlscan Pro
91.203.110.219 Public Scan

Screenshot
Live screenshot

Full Image

57
Requests

74 %
HTTPS

77 %
IPv6

9
Domains

14
Subdomains

14
IPs

3
Countries

732 kB
Transfer

1472 kB
Size

4
Cookies

57 HTTP transactions
1 data transactions