ceoemail.com Open in urlscan Pro
213.246.101.54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://www.ceoemail.com/s.php?id=ceo-77191
Effective URL:
https://ceoemail.com/ceoblank.php?r=b
Submission: On March 23 via manual (March 23rd 2023, 2:09:36 pm UTC) from GB — Scanned from GB

Summary HTTP 65 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 16 IPs in 4 countries across 10 domains to perform 65 HTTP transactions. The main IP is 213.246.101.54, located in United Kingdom and belongs to ISIONUK Namesco Limited, GB. The main domain is ceoemail.com.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 6th 2022. Valid for: a year.

This is the only time ceoemail.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	213.246.101.54 213.246.101.54	8622 (ISIONUK N...) (ISIONUK Namesco Limited)
8	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:3::9 2a02:2638:3::9	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
20	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:2638::3e 2a02:2638::3e	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	2a02:2638::21 2a02:2638::21	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638::c 2a02:2638::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
65	16

3 213.246.101.54 (United Kingdom) 1 redirects

ASN8622 (ISIONUK Namesco Limited, GB)
PTR: vps1.ceoemail.co.uk

www.ceoemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ceoemail.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3e (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::21 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
27	criteo.net static.criteo.net — Cisco Umbrella Rank: 642 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 33747 csm.eu.criteo.net — Cisco Umbrella Rank: 8282 pix.eu.criteo.net — Cisco Umbrella Rank: 7921	262 KB
15	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 tpc.googlesyndication.com — Cisco Umbrella Rank: 135	221 KB
6	criteo.com rtb.nl3.eu.criteo.com — Cisco Umbrella Rank: 12890 ads.eu.criteo.com — Cisco Umbrella Rank: 8226 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 9532	96 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 29	25 KB
3	ceoemail.com 1 redirects www.ceoemail.com ceoemail.com	7 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 194	10 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 187	97 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	2 KB
1	google.co.uk adservice.google.co.uk — Cisco Umbrella Rank: 5375	531 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 886	606 B
65	10

	Domain	Requested by
20	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
8	pagead2.googlesyndication.com	ceoemail.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
4	csm.eu.criteo.net	ads.eu.criteo.com
2	pix.eu.criteo.net	ads.eu.criteo.com
2	cdnjs.cloudflare.com	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.nl3.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	ceoemail.com	ceoemail.com
1	www.google.com	tpc.googlesyndication.com
1	imageproxy.eu.criteo.net	ads.eu.criteo.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.co.uk	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	www.ceoemail.com	1 redirects
65	18

This site contains links to these domains. Also see Links.

Domain
www.ceoemail.com

Subject Issuer	Validity	Valid
www.ceoemail.com Sectigo RSA Domain Validation Secure Server CA	`2022-10-06` - `2023-10-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-14` - `2023-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-03-04` - `2023-06-04`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-15`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-01-13` - `2023-04-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-03-06` - `2023-05-29`	3 months	crt.sh

This page contains 9 frames:

Primary Page: https://ceoemail.com/ceoblank.php?r=b
Frame ID: 7795D8D8D95FF32EC13020AE73232C19
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/zrt_lookup.html
Frame ID: C3D6B36D7896BE162A8874AE8B8F096E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572256&bpp=7&bdt=301&idt=214&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=2746337005577&frm=20&pv=2&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yK9xPpHZeZ&p=https%3A//ceoemail.com&dtd=235
Frame ID: 7789409EF5C6643F5B1BE6C0188FAB66
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238
Frame ID: 9E423EAC347B160D0C4F4011AB26A8E9
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&adk=1812271804&adf=3025194257&lmt=1679580572&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l%7C164x540_r&format=0x0&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572279&bpp=1&bdt=324&idt=226&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&nras=1&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=234
Frame ID: D252E2894529D66279A0A7954769A796
Requests: 1 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBxdnAAIJFoIFUhRAAAq0Gv8TqKRY5tPF_ersQ&u=%7C9Fk1sXsnJyZzHKXtqXnBkFXn1IxHAiTdKGShLGU4JTA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6qsL6Xc-Nj9VbMoMSXcLwqoTtMg0qzxziDwiIDH3W5rH8cVqmIvWIryGGJY0P2brHytceNSBHoeYIYSRqTAqArzcGTG4iBvvu7xoP_cPR-snJ19UnnVDvINtVg6IMcWErecuNDvKJWWAkIi5weXkHlmQlidCYfTCSu2B_fFiB1ZeHZJBoyeXFk2BK1U5yJbI2JeeNpifvna1c2_ZYLRxkndvLXVounfnDCQW_0rveW-Dqo0NbwloIdgfIs2VGjo3OkclW1mxV5-D9troMfzWXap2Y4PhflEg5SYCH-__Vx5GqL5ec1PGn0ZST8XPB7MlUxRiw_2SCBdaSm0Y4CwaLbW9yjxJslOTyrN_U4EyQKjprBamQra2YEJGcilmjPmwA49RfgEnrrVJEWcptK3L8jfWvKgcOYuLjVidOM6devYDCbHlGFpexG_H5kz_tmqnfd0Y3E3EcKSC1hDtuC1GPxVmL9Pki1hNWLfkD7txrqB6zX21WW51zj3cOUmGwYpCkVbpN-Y26dHazNZ-iCfFPZV0BUYIWWR61ZwQrMV9Zw3B9iG4MtpyFqTAVYgLssxfwPphzzxjxwQo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIo9tnF0cZNrIINGQ1fAP0NWAmAHkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0wMzkwNjg1OTY4Nzg0MjU1yAEJqQIQcfZDpqu0PqgDAaoEyQFP0MejuHGue_18--nxYzG6j1KwlVOHH1PnwDqmxaE0WY-3yl2zVIdhfw0OxHsl2AAhfePfjKD0xzUPEnL-f0JIPjEEo9XbpfTbD2vGpGZiX80q-rrjZ-7jDJKXpbT-L6NOhrJy4fqBEJaJF5d-peFrJlcIrv9lzmmhch6lgtUNEFj9l8KWxp30aSu3kfVs-VVsAcDhNA2MRv__CDlh101_fpI7qKQ9RmAQCkO9BotPcdJ2qtqL_cvFmfm6eCmqRfH5NXdJwWfX60mABq-93KH7pv6qLaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0907PJ_8VthEUDEMJclW2-gNU64g%26client%3Dca-pub-0390685968784255%26adurl%3D
Frame ID: 3921F67AE14208B93A6D0041BBEC72AF
Requests: 14 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBxdnAAITYgIFUA6AAaKc6knAMhp1c_WLekbRg&u=%7C9Fk1sXsnJybc2RJN7uyAZ%2F2UDS0zZhWopUJZLbjN6Ow%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj_ix9SMJFAe7w4lQQ6IFUz9InWrQF0-lCIeq8rl4ICxetPTLvglkv-0FDlr0BOoihZEi5Th_b0KWV86UVc8OhVsbTR2KNCvtAZL2P9LY3781GMHhRrxYb4FVAKDcDG0l6z7DwEXeMwsDwViU5B4P-kus4-jBhsQlGcAb4zW3MuLroElNldvHiGyDQIW-fOOouCenVUUMv1KYXn4PewZCDbfLOBToUi6vUguAfbPKz1CADFC92sZueY8CyIJlKsv8dX9r8kpCGYAVxZ0mifWjDYc2ryhWNeBJ1EdBNw1BozA4HLIZ5SZho75RkLlUZeXpKZFaoGzqEardaJe-ERr9LT_4UvW6fN0gYejrp8NqJyf7Njz63F2Dk_gIhGIe68axOblsJnIHamdgCTly4LVugs-RiX8ajBv8RbVNRwbiSI_WVjXNiynabnXDkXzUK4TYTdrYfQuXY0Cx8X4RI1x2lqOX_vTfp4qxdTh5J98LaAIX14Znu4_Nq5jqBxAh8U8oIzfRV2hJY2mJKJ0Ujy2Sz0sgHWhzqR_YOO7bagfWS6-jlwNkxLVCasw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM-rPnF0cZIibIbqA1fAP85Sa6Arkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0wMzkwNjg1OTY4Nzg0MjU1yAEJqQIQcfZDpqu0PqgDAaoEyQFP0NghSgHYgrF4XZyqHUgOl3FsLF5yHEj__J4arLLh0rwpEpX-_q7HDldjD5dI5qoVTkdRfi_j-cmUMY9CYqLaIBzioTOnQq4G-KymF4Habq6wJDiqG5K_QLEBDs5srpuIQWg1EV3DPm1LtpNp9gBxug4BzKlwMvAn6ixqVyOzVnvu-PPPGyslV7_mI6NWrnnN7vrRL94MzB5h8ImSuIDv7dBjUQFiQLuVaEInraq-aTx5BLbH7xSBJShhWLqgU5qy-Onw-L-vnT-ABruGqPqz-MyUR6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aTvKqvvWDJVgZEE5M73arZeBouw%26client%3Dca-pub-0390685968784255%26adurl%3D
Frame ID: 1327CE86199BCE834A9536D7C4F4833C
Requests: 19 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 105B328789C5A38EFA11E6CEF8FBAAB5
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4AFB022DB779A6EA53519394354BE10E
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Your visit to ceoemail.com

Page URL History Show full URLs

https://www.ceoemail.com/s.php?id=ceo-77191 HTTP 302
https://ceoemail.com/ceoblank.php?r=b Page URL

Detected technologies

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

\.php(?:$|\?)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Page Statistics

65
Requests

98 %
HTTPS

87 %
IPv6

10
Domains

18
Subdomains

16
IPs

4
Countries

719 kB
Transfer

1589 kB
Size

8
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.ceoemail.com/
Title: CEOemail.com - UK Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/us-companies.php
Title: CEOemail.com - US Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/eu-companies.php
Title: CEOemail.com - EU Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/asian-companies.php
Title: CEOemail.com - Asian Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/african-companies.php
Title: CEOemail.com - African Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/australia-newzealand-companies.php
Title: CEOemail.com - Australian/NZ Companies

Search URL Search Domain Scan URL

URL: http://www.ceoemail.com/ceoemail-contact.php
Title: Contact the CEOemail.com Editor for help

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://www.ceoemail.com/s.php?id=ceo-77191 HTTP 302
https://ceoemail.com/ceoblank.php?r=b Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

65 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request ceoblank.php Show response
ceoemail.com/
Redirect Chain

https://www.ceoemail.com/s.php?id=ceo-77191
https://ceoemail.com/ceoblank.php?r=b

3 KB
1 KB

242ms
61ms

Document
text/html

213.246.101.54
ISIONUK Namesco L...

General

Check archive.org

Show headers Download Go to

Full URL: https://ceoemail.com/ceoblank.php?r=b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.246.101.54 , United Kingdom, ASN8622 (ISIONUK Namesco Limited, GB),
Reverse DNS: vps1.ceoemail.co.uk
Software: Apache / PHP/7.4.33 PleskLin
Resource Hash: 8ee757a762db05255b22b93942a25cbb6cf4a0cc2a066cddc39b2cb4a7355282

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 23 Mar 2023 14:09:31 GMT
Keep-Alive: timeout=5, max=100
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33 PleskLin

Redirect headers

Connection: Keep-Alive
Content-Encoding: gzip
Content-Type: text/html; charset=iso-8859-1
Date: Thu, 23 Mar 2023 14:09:31 GMT
Keep-Alive: timeout=5, max=100
Location: https://ceoemail.com/ceoblank.php?r=b
Server: Apache
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Powered-By: PHP/7.4.33 PleskLin

GET
H/1.1 200
OK ceocss.css
ceoemail.com/ 4 KB
5 KB 54ms
53ms Stylesheet
text/css 213.246.101.54
ISIONUK Namesco L...

General

Check archive.org

Show headers Download Go to

Full URL: https://ceoemail.com/ceocss.css
Requested by: Host: ceoemail.com
URL: https://ceoemail.com/ceoblank.php?r=b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 213.246.101.54 , United Kingdom, ASN8622 (ISIONUK Namesco Limited, GB),
Reverse DNS: vps1.ceoemail.co.uk
Software: Apache / PleskLin
Resource Hash: bc6f553554002b84016dd09f660e3a86eb051181541f3cc8f80bf780666e91a7

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/ceoblank.php?r=b
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Date: Thu, 23 Mar 2023 14:09:31 GMT
Last-Modified: Sun, 08 May 2022 17:11:18 GMT
Server: Apache
ETag: "11b9-5de832e0f9791"
X-Powered-By: PleskLin
Content-Type: text/css
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=99
Content-Length: 4537

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
48 KB 213ms
111ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: ceoemail.com
URL: https://ceoemail.com/ceoblank.php?r=b

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6ec3ead3795b3ada1d2fa196f0bfa36bdff6ebd1f9d078f4bfe40b9500b137e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48707
x-xss-protection: 0
server: cafe
etag: 18118860868554720442
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 14:09:32 GMT

GET show_ads.js
pagead2.googlesyndication.com/pagead/ 0
0

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/ 349 KB
117 KB 110ms
108ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/show_ads_impl_with_ama_fy2021.js?client=pub-0390685968784255&plah=ceoemail.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a28ba52a817286c532204a21360bd27348a2807e28246e5fe477a3dfe9dac0f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:32 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 119421
x-xss-protection: 0
server: cafe
etag: 17432009888772843955
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 23 Mar 2023 14:09:32 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/ Frame C3D6 10 KB
5 KB 138ms
42ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230321/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 57711
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4549
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 22:07:41 GMT
etag: 2378337311435320485
expires: Wed, 05 Apr 2023 22:07:41 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
606 B 166ms
51ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=ceoemail.com&callback=_gfp_s_&client=pub-0390685968784255

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202303160101/show_ads_impl_with_ama_fy2021.js?client=pub-0390685968784255&plah=ceoemail.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9af6c866e41f78df733ed29345adf32626b4eca73dfcf7811690868b5ab83e3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 254
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
531 B 169ms
53ms Script
application/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=ceoemail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 166ms
51ms Script
application/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=ceoemail.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7789 23 KB
10 KB 653ms
653ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572256&bpp=7&bdt=301&idt=214&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=2746337005577&frm=20&pv=2&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yK9xPpHZeZ&p=https%3A//ceoemail.com&dtd=235

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

49837ab7e55983253d2e6ac7f64402fcbe086f0393e11ec0e21708a4a56eef8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10259
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:09:33 GMT
expires: Thu, 23 Mar 2023 14:09:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9E42 23 KB
10 KB 924ms
924ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e1cf45e4447ced92d525cb1354d5916c08617417e447274923d6afdc8190471d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 10244
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:09:33 GMT
expires: Thu, 23 Mar 2023 14:09:33 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D252 0
180 B 68ms
68ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&adk=1812271804&adf=3025194257&lmt=1679580572&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=164x540_l%7C164x540_r&format=0x0&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572279&bpp=1&bdt=324&idt=226&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600%2C160x600&nras=1&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=234

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:09:32 GMT
expires: Thu, 23 Mar 2023 14:09:32 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 7789 3 KB
1 KB 163ms
52ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572256&bpp=7&bdt=301&idt=214&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=2746337005577&frm=20&pv=2&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yK9xPpHZeZ&p=https%3A//ceoemail.com&dtd=235

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 09:35:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 7789 20 KB
9 KB 154ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 15:13:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7789 158 KB
49 KB 152ms
53ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 14:09:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7789 0
0 87ms
86ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJZ0wnF0cZNrIINGQ1fAP0NWAmAHkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0wMzkwNjg1OTY4Nzg0MjU1yAEJqQIQcfZDpqu0PqgDAaoExgFP0MejuHGue_18--nxYzG6j1KwlVOHH1PnwDqmxaE0WY-3yl2zVIdhfw0OxHsl2AAhfePfjKD0xzUPEnL-f0JIPjEEo9XbpfTbD2vGpGZiX80q-rrjZ-7jDJKXpbT-L6NOhrJy4fqBEJaJF5d-peFrJlcIrv9lzmmhch6lgtUNEFj9l8KWxp30aSu3kfVs-VVsAcDhNA2MRv__CDlh101_PJAaOneftGWD-Ewlhe_T2tFioGaB09MeF2Le5IgVW93h5PCjxPSABq-93KH7pv6qLaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDM5MDY4NTk2ODc4NDI1NRgA&sigh=p8LccXNs6mU&uach_m=[UACH]&cid=CAQSGwDUE5yma85O54UdiBRuXdAkE82mFimzEv2HchgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572256&bpp=7&bdt=301&idt=214&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=2746337005577&frm=20&pv=2&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yK9xPpHZeZ&p=https%3A//ceoemail.com&dtd=235
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 14:09:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Thu, 23 Mar 2023 14:09:33 GMT

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 7789 0
0 122ms
41ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ktnxE8iBMKAB2ASH-lcYAgAAALWt5cC-TEieIMrzdRCbXRxkwvHisPzQhNgeCQAAEgAACg5BUVVCQVFZQkFRRUJBUQ&wp=ZBxdnAAIJFoIFUhRAAAq0Gv8TqKRY5tPF_ersQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 182251
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 3921 159 KB
50 KB 220ms
129ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBxdnAAIJFoIFUhRAAAq0Gv8TqKRY5tPF_ersQ&u=%7C9Fk1sXsnJyZzHKXtqXnBkFXn1IxHAiTdKGShLGU4JTA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6qsL6Xc-Nj9VbMoMSXcLwqoTtMg0qzxziDwiIDH3W5rH8cVqmIvWIryGGJY0P2brHytceNSBHoeYIYSRqTAqArzcGTG4iBvvu7xoP_cPR-snJ19UnnVDvINtVg6IMcWErecuNDvKJWWAkIi5weXkHlmQlidCYfTCSu2B_fFiB1ZeHZJBoyeXFk2BK1U5yJbI2JeeNpifvna1c2_ZYLRxkndvLXVounfnDCQW_0rveW-Dqo0NbwloIdgfIs2VGjo3OkclW1mxV5-D9troMfzWXap2Y4PhflEg5SYCH-__Vx5GqL5ec1PGn0ZST8XPB7MlUxRiw_2SCBdaSm0Y4CwaLbW9yjxJslOTyrN_U4EyQKjprBamQra2YEJGcilmjPmwA49RfgEnrrVJEWcptK3L8jfWvKgcOYuLjVidOM6devYDCbHlGFpexG_H5kz_tmqnfd0Y3E3EcKSC1hDtuC1GPxVmL9Pki1hNWLfkD7txrqB6zX21WW51zj3cOUmGwYpCkVbpN-Y26dHazNZ-iCfFPZV0BUYIWWR61ZwQrMV9Zw3B9iG4MtpyFqTAVYgLssxfwPphzzxjxwQo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIo9tnF0cZNrIINGQ1fAP0NWAmAHkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0wMzkwNjg1OTY4Nzg0MjU1yAEJqQIQcfZDpqu0PqgDAaoEyQFP0MejuHGue_18--nxYzG6j1KwlVOHH1PnwDqmxaE0WY-3yl2zVIdhfw0OxHsl2AAhfePfjKD0xzUPEnL-f0JIPjEEo9XbpfTbD2vGpGZiX80q-rrjZ-7jDJKXpbT-L6NOhrJy4fqBEJaJF5d-peFrJlcIrv9lzmmhch6lgtUNEFj9l8KWxp30aSu3kfVs-VVsAcDhNA2MRv__CDlh101_fpI7qKQ9RmAQCkO9BotPcdJ2qtqL_cvFmfm6eCmqRfH5NXdJwWfX60mABq-93KH7pv6qLaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0907PJ_8VthEUDEMJclW2-gNU64g%26client%3Dca-pub-0390685968784255%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4081a85ff30639bccaafdef4278739783a664a5875339949f31f060d4b53fd1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:09:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=QMuy2F-6eBnVlKvo-4OnloOQfs8gDF7UOpLbFIchGrfqb-NjQkTlt7dGz6FkskakJ3I-X_17v8Do9rcl4L5pVmN3JzBU6SF3fjvbDAiH95BeqWR0wQRx582Jeo3zTEb0LTiYJLQEcCBE2fQ05P79DRaiRu4Uc-KC3955d-ugfIqNIlug2XepHKUe-9dHK8MoC-Ns31IT41KxKu_KtFSzwV5eVCH08ndFsXnFavH4TrdCdXjHQk8rvAHhttWNKccIvL21lg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 77374431
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 7789 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b89235ac884c9df06d946f7446e878fdbcdf820ba704331ba17e9183f60462df

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 3921 2 KB
1 KB 176ms
70ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBxdnAAIJFoIFUhRAAAq0Gv8TqKRY5tPF_ersQ&u=%7C9Fk1sXsnJyZzHKXtqXnBkFXn1IxHAiTdKGShLGU4JTA%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6qsL6Xc-Nj9VbMoMSXcLwqoTtMg0qzxziDwiIDH3W5rH8cVqmIvWIryGGJY0P2brHytceNSBHoeYIYSRqTAqArzcGTG4iBvvu7xoP_cPR-snJ19UnnVDvINtVg6IMcWErecuNDvKJWWAkIi5weXkHlmQlidCYfTCSu2B_fFiB1ZeHZJBoyeXFk2BK1U5yJbI2JeeNpifvna1c2_ZYLRxkndvLXVounfnDCQW_0rveW-Dqo0NbwloIdgfIs2VGjo3OkclW1mxV5-D9troMfzWXap2Y4PhflEg5SYCH-__Vx5GqL5ec1PGn0ZST8XPB7MlUxRiw_2SCBdaSm0Y4CwaLbW9yjxJslOTyrN_U4EyQKjprBamQra2YEJGcilmjPmwA49RfgEnrrVJEWcptK3L8jfWvKgcOYuLjVidOM6devYDCbHlGFpexG_H5kz_tmqnfd0Y3E3EcKSC1hDtuC1GPxVmL9Pki1hNWLfkD7txrqB6zX21WW51zj3cOUmGwYpCkVbpN-Y26dHazNZ-iCfFPZV0BUYIWWR61ZwQrMV9Zw3B9iG4MtpyFqTAVYgLssxfwPphzzxjxwQo&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCIo9tnF0cZNrIINGQ1fAP0NWAmAHkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0wMzkwNjg1OTY4Nzg0MjU1yAEJqQIQcfZDpqu0PqgDAaoEyQFP0MejuHGue_18--nxYzG6j1KwlVOHH1PnwDqmxaE0WY-3yl2zVIdhfw0OxHsl2AAhfePfjKD0xzUPEnL-f0JIPjEEo9XbpfTbD2vGpGZiX80q-rrjZ-7jDJKXpbT-L6NOhrJy4fqBEJaJF5d-peFrJlcIrv9lzmmhch6lgtUNEFj9l8KWxp30aSu3kfVs-VVsAcDhNA2MRv__CDlh101_fpI7qKQ9RmAQCkO9BotPcdJ2qtqL_cvFmfm6eCmqRfH5NXdJwWfX60mABq-93KH7pv6qLaAGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_0907PJ_8VthEUDEMJclW2-gNU64g%26client%3Dca-pub-0390685968784255%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 3921 2 KB
1 KB 141ms
35ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 3921 308 B
636 B 105ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 3921 293 B
621 B 104ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 3921 43 B
348 B 154ms
38ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=LL-y4rR-luRnJayTJQqKnGZpWtcfjmj2ICBtBlH8DFz5OtpMjeMA0KBu5INlqu7btrulmsKP7QpXL7C-O8TGR8beWMVSlRxs3veA6D9_RUsYraOOu1TfCnXXhZSOfIAo0iE81mg-dGY_R9ESqqu_ctq6VBqjg0kOTqcPcCNquxk0gU3NjMne0Hh0sPyDeAJjvwtxNqsl-Vv9r_vg3W-Zju1SjmHVINX0xrS5sJBIMe46P3r6tVqPdu_GCYWvnYhDCTV-hRcz-WAjkKTodgevm9fVAnK5Nj3rphJEI36YHFmaqGUPueAtlzYTbZePLRATZqn0JUHVnFa4LeBWbnah1pfdKcxkcFakjPqrZi9VEJQc73cerXDAXtUZVBdtq5QuMjFntdocu2Uv8xhnwc2BQUjpWQmWGJJHyIO_XCOODZ9N8fOq

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1958043
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 9E42 3 KB
1 KB 45ms
43ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 09:35:33 GMT
content-encoding: br
x-content-type-options: nosniff
age: 16440
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 06 Apr 2023 09:35:33 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/ Frame 9E42 20 KB
8 KB 45ms
42ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230321/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Wed, 22 Mar 2023 15:13:45 GMT
content-encoding: br
x-content-type-options: nosniff
age: 82548
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8627
x-xss-protection: 0
server: cafe
etag: 8620137988422272387
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 05 Apr 2023 15:13:45 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9E42 158 KB
48 KB 61ms
59ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49540
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1679312138029146"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 23 Mar 2023 14:09:33 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 3921 12 KB
5 KB 109ms
38ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 52295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nWT81MuGzmK6cpzBCqA%2B%2FYZGFZWPQoLxrVQgGTcL6yrDT4Bt%2BWVX%2Bcqm2Wu%2BFInwfxvZVcN6DgH7ECWFs7ZG6L9UfFE43ICcavDlcHY%2FjyjRRfRJCG41VXWK6%2BeFn1XBpqQvkMQmujEzRJtth1e23d2R"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ac740b8e906dd7c-LHR
expires: Tue, 12 Mar 2024 14:09:33 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 3921 12 KB
6 KB 96ms
41ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff
static.criteo.net/design/dt/ Frame 3921 27 KB
28 KB 155ms
74ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/dt/140e55ebe29544f18fdeb42b6426d53c_totalsansregular.woff

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 09 Jan 2020 16:51:34 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e175a16-6d58"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 9E42 0
0 85ms
85ms Fetch
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CVD6UnF0cZIibIbqA1fAP85Sa6Arkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0wMzkwNjg1OTY4Nzg0MjU1yAEJqQIQcfZDpqu0PqgDAaoExgFP0NghSgHYgrF4XZyqHUgOl3FsLF5yHEj__J4arLLh0rwpEpX-_q7HDldjD5dI5qoVTkdRfi_j-cmUMY9CYqLaIBzioTOnQq4G-KymF4Habq6wJDiqG5K_QLEBDs5srpuIQWg1EV3DPm1LtpNp9gBxug4BzKlwMvAn6ixqVyOzVnvu-PPPGyslV7_mI6NWrnnN7vrRL94MzB5h8ImSuIDvr9JCw9LAsr4Gmk2_Ls4iwj9tDgrNwQxaq7MFxBsfTbaqKW4a_SyABruGqPqz-MyUR6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgECACgH6CwIIAYAMAdAVAYAXAbIXGgoYEhRwdWItMDM5MDY4NTk2ODc4NDI1NRgA&sigh=SAfDUG2bqqA&uach_m=[UACH]&cid=CAQSGwDUE5ymitxOapFH4WHVduWKcUlRO9EgABLJ0hgB

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Thu, 23 Mar 2023 14:09:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl3.eu.criteo.com/google/auction/ Frame 9E42 0
0 39ms
38ms Fetch 2a02:2638:3::9
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl3.eu.criteo.com/google/auction/notify?profile=14&payload=ktikE8iBMKAB2ASH-lcYAgAAALWt5cC-TEieIMrzdRCcXRxk6JLP9Nw_RitdNAAAEgAACg5BUVVCQVFZQkFRRVBBUQ&wp=ZBxdnAAITYgIFUA6AAaKc6knAMhp1c_WLekbRg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:32 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
server-processing-duration-in-ticks: 170349
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 1327 131 KB
45 KB 85ms
85ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBxdnAAITYgIFUA6AAaKc6knAMhp1c_WLekbRg&u=%7C9Fk1sXsnJybc2RJN7uyAZ%2F2UDS0zZhWopUJZLbjN6Ow%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj_ix9SMJFAe7w4lQQ6IFUz9InWrQF0-lCIeq8rl4ICxetPTLvglkv-0FDlr0BOoihZEi5Th_b0KWV86UVc8OhVsbTR2KNCvtAZL2P9LY3781GMHhRrxYb4FVAKDcDG0l6z7DwEXeMwsDwViU5B4P-kus4-jBhsQlGcAb4zW3MuLroElNldvHiGyDQIW-fOOouCenVUUMv1KYXn4PewZCDbfLOBToUi6vUguAfbPKz1CADFC92sZueY8CyIJlKsv8dX9r8kpCGYAVxZ0mifWjDYc2ryhWNeBJ1EdBNw1BozA4HLIZ5SZho75RkLlUZeXpKZFaoGzqEardaJe-ERr9LT_4UvW6fN0gYejrp8NqJyf7Njz63F2Dk_gIhGIe68axOblsJnIHamdgCTly4LVugs-RiX8ajBv8RbVNRwbiSI_WVjXNiynabnXDkXzUK4TYTdrYfQuXY0Cx8X4RI1x2lqOX_vTfp4qxdTh5J98LaAIX14Znu4_Nq5jqBxAh8U8oIzfRV2hJY2mJKJ0Ujy2Sz0sgHWhzqR_YOO7bagfWS6-jlwNkxLVCasw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM-rPnF0cZIibIbqA1fAP85Sa6Arkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0wMzkwNjg1OTY4Nzg0MjU1yAEJqQIQcfZDpqu0PqgDAaoEyQFP0NghSgHYgrF4XZyqHUgOl3FsLF5yHEj__J4arLLh0rwpEpX-_q7HDldjD5dI5qoVTkdRfi_j-cmUMY9CYqLaIBzioTOnQq4G-KymF4Habq6wJDiqG5K_QLEBDs5srpuIQWg1EV3DPm1LtpNp9gBxug4BzKlwMvAn6ixqVyOzVnvu-PPPGyslV7_mI6NWrnnN7vrRL94MzB5h8ImSuIDv7dBjUQFiQLuVaEInraq-aTx5BLbH7xSBJShhWLqgU5qy-Onw-L-vnT-ABruGqPqz-MyUR6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aTvKqvvWDJVgZEE5M73arZeBouw%26client%3Dca-pub-0390685968784255%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=2833420325&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572264&bpp=1&bdt=309&idt=235&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&prev_fmts=160x600&correlator=2746337005577&frm=20&pv=1&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1434&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=VTj6ykt1zq&p=https%3A//ceoemail.com&dtd=238

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3d3998833f8c1a0381d3072a8606d44f9398fa3888426f960deb3a0b40d983cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:09:33 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=hSv1lV-6eBnVlKvokzWETGyWoMhRTM9nXFmTMmVXGGuu5hmj6ZetyA4Oae056vRfhGvAj8AthI_6V2PPDsQ1aFHSzJ3aAzqMj9FVkNJ1htxCKjygMq6KzewbLuc6RkY-Ikxa_ty-yzp6pC5oppqGXC2U6IwqH3GyiQP3rk71jbLlF6tblfOVt5F2Av7rz9J1Sh6DbmIby75ZLxgYn6lj0MhFODkA8Scgd6--dqIwQnmLwnztxYqSldfAJ9EK85KVl-X5mg"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 42137862
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 3921 4 KB
5 KB 123ms
38ms Image
image/webp 2a02:2638::3e
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=270&m=0&partner=3034&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F3034%2F210625%2F9bfb6bf665ba4d79a54c1ad654323e58_logorgb.jpg&v=3&w=316&s=Tdpyx58S8Kh_y4WNYSVWGJ_-

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3e , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

5ef2ffc58e4ab1f08c114f44d05c2e226fdcd674fefdae984a3818d8a15d770e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:32 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 4544
expires: Sat, 09 Mar 2024 09:34:11 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 3921 0
128 B 131ms
38ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=QMuy2F-6eBnVlKvo-4OnloOQfs8gDF7UOpLbFIchGrfqb-NjQkTlt7dGz6FkskakJ3I-X_17v8Do9rcl4L5pVmN3JzBU6SF3fjvbDAiH95BeqWR0wQRx582Jeo3zTEb0LTiYJLQEcCBE2fQ05P79DRaiRu4Uc-KC3955d-ugfIqNIlug2XepHKUe-9dHK8MoC-Ns31IT41KxKu_KtFSzwV5eVCH08ndFsXnFavH4TrdCdXjHQk8rvAHhttWNKccIvL21lg&sds=2&rev=85392&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 3921 2 KB
1 KB 42ms
37ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 3921 2 KB
1 KB 45ms
41ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
DATA 200
OK truncated
/ Frame 9E42 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1bdacc28cd294ec7b1acc18f192b18459ae271f61ed59ee2e07035034c0c91da

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 1327 2 KB
1 KB 38ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZBxdnAAITYgIFUA6AAaKc6knAMhp1c_WLekbRg&u=%7C9Fk1sXsnJybc2RJN7uyAZ%2F2UDS0zZhWopUJZLbjN6Ow%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj_ix9SMJFAe7w4lQQ6IFUz9InWrQF0-lCIeq8rl4ICxetPTLvglkv-0FDlr0BOoihZEi5Th_b0KWV86UVc8OhVsbTR2KNCvtAZL2P9LY3781GMHhRrxYb4FVAKDcDG0l6z7DwEXeMwsDwViU5B4P-kus4-jBhsQlGcAb4zW3MuLroElNldvHiGyDQIW-fOOouCenVUUMv1KYXn4PewZCDbfLOBToUi6vUguAfbPKz1CADFC92sZueY8CyIJlKsv8dX9r8kpCGYAVxZ0mifWjDYc2ryhWNeBJ1EdBNw1BozA4HLIZ5SZho75RkLlUZeXpKZFaoGzqEardaJe-ERr9LT_4UvW6fN0gYejrp8NqJyf7Njz63F2Dk_gIhGIe68axOblsJnIHamdgCTly4LVugs-RiX8ajBv8RbVNRwbiSI_WVjXNiynabnXDkXzUK4TYTdrYfQuXY0Cx8X4RI1x2lqOX_vTfp4qxdTh5J98LaAIX14Znu4_Nq5jqBxAh8U8oIzfRV2hJY2mJKJ0Ujy2Sz0sgHWhzqR_YOO7bagfWS6-jlwNkxLVCasw&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCM-rPnF0cZIibIbqA1fAP85Sa6Arkj9KxXKeS4YiIAcCNtwEQASAAYLuGgIDQCoIBF2NhLXB1Yi0wMzkwNjg1OTY4Nzg0MjU1yAEJqQIQcfZDpqu0PqgDAaoEyQFP0NghSgHYgrF4XZyqHUgOl3FsLF5yHEj__J4arLLh0rwpEpX-_q7HDldjD5dI5qoVTkdRfi_j-cmUMY9CYqLaIBzioTOnQq4G-KymF4Habq6wJDiqG5K_QLEBDs5srpuIQWg1EV3DPm1LtpNp9gBxug4BzKlwMvAn6ixqVyOzVnvu-PPPGyslV7_mI6NWrnnN7vrRL94MzB5h8ImSuIDv7dBjUQFiQLuVaEInraq-aTx5BLbH7xSBJShhWLqgU5qy-Onw-L-vnT-ABruGqPqz-MyUR6AGIagHpr4bqAeW2BuoB6qbsQKoB4OtsQKoB_-esQKoB9-fsQLYBwDSCA8IgOGAEBABMgKqAjoCgED6CwIIAYAMAdAVAYAXAQ%26num%3D1%26sig%3DAOD64_2aTvKqvvWDJVgZEE5M73arZeBouw%26client%3Dca-pub-0390685968784255%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 adchoices_en.svg
static.criteo.net/flash/icon/ Frame 1327 2 KB
1 KB 47ms
47ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_en.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-759"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 1327 308 B
636 B 42ms
38ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 1327 293 B
621 B 43ms
39ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 1327 43 B
347 B 43ms
41ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=QjkGgGx0sXqh7CAWJexuTzx_KElVFUgOcN7Tg0Fx44GOE7lGJ5TgJxurzUgF6lRnO3XUzqmZlhSu4OdKShyblwTqBOQemFiYfzGdyvNSyvP8-Nl1Ae7jjd-PWQqmc_391QbN39cnT74RTbSg70DKwfTkEaE6aCDRkSXSbFl9db_fAbp0kjGKs5gwmzfMxncHVUodU70d6DstFPw_D9qUNls968erxgzD8J2KBFdTAa_QQnNF8Bo9FJ2_lSdYBOmXI7KMXSL-fiDFolReumyW0T28pcxNwEDVBupFvxL_xCyaDJBVuyzMUwcIe9NcaLDKeG6IdAwHzVAMFMr7R2D7RLP0_ofkorMw2feXYmOJbJnKQVY6twhp3Ce95bJJq2rryvHvpO5HxJcsefnlX5UPlmhXyb02dajxjW33kjA15Y68Yfnr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1813358
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 1327 12 KB
5 KB 45ms
44ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 52295
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mc1Ax7YGFQTAD1rtsQI7t%2FLeVbzosJFvEiGPYcqpvkg7AB2LQcAhjuIrg4pfq8kV7J5zOaruOF%2BuT5EEfsBYuf4LxIE0GPunPwtdKyOX2Auc5mKLP3gkL85hyTtYz8pGhdkbwZt%2BNRcyaWS9nV1ceNEz"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ac740b9ba2fdd7c-LHR
expires: Tue, 12 Mar 2024 14:09:33 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 1327 12 KB
6 KB 42ms
42ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 e81f2e353d344e33b7e8ea35a88e1962_cpn_160x600_1.jpeg
static.criteo.net/design/dt/11894/221222/ Frame 1327 53 KB
54 KB 50ms
49ms Image
image/jpeg 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/design/dt/11894/221222/e81f2e353d344e33b7e8ea35a88e1962_cpn_160x600_1.jpeg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

c4ed3dd6d6611d7ffc69dc7c934c69a2d75ae0a1df60fb478e6970cf7c959a03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 22 Dec 2022 17:52:57 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "63a49979-d542"
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 54594
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1327 3 KB
3 KB 275ms
162ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=108&m=0&partner=11894&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F11894%2F200122%2F65a327ddde60433fbcafc6a1bdb8d66f_jet2holidays_2019_refresh_no-sun_no-strapline.png&v=3&w=316&s=IFIKQy3JGBcYQUg_QhDKRKMx

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

854c74aef44ae9e595afb1102cf407bdc6c81689f745b052491675a42b6b8dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30647627
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3142
expires: Tue, 12 Mar 2024 07:23:21 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 1327 112 KB
112 KB 188ms
75ms Image
image/webp 2a02:2638::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=11894&q=80&r=0&u=https%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fimages%2F11894%2Fjet2holidays_80070.jpg&v=3&w=800&s=ZVaeefBdPwWbdoNkgaAOCwY7&b=800

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

5fb167190ab6cca248e5ef6e8fa80a5040b241547f4a0dc114a6ce47ae9d616d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=30661542
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 114848
expires: Tue, 12 Mar 2024 11:15:16 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1327 0
127 B 40ms
40ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=hSv1lV-6eBnVlKvokzWETGyWoMhRTM9nXFmTMmVXGGuu5hmj6ZetyA4Oae056vRfhGvAj8AthI_6V2PPDsQ1aFHSzJ3aAzqMj9FVkNJ1htxCKjygMq6KzewbLuc6RkY-Ikxa_ty-yzp6pC5oppqGXC2U6IwqH3GyiQP3rk71jbLlF6tblfOVt5F2Av7rz9J1Sh6DbmIby75ZLxgYn6lj0MhFODkA8Scgd6--dqIwQnmLwnztxYqSldfAJ9EK85KVl-X5mg&sds=2&rev=85392&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 23 Mar 2023 14:09:33 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 1327 2 KB
1 KB 81ms
81ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 1327 2 KB
1 KB 82ms
82ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 opensans-400.css
static.criteo.net/design/googlefont/opensans/ Frame 1327 2 KB
899 B 37ms
37ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 opensans-700.css
static.criteo.net/design/googlefont/opensans/ Frame 1327 2 KB
900 B 38ms
38ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-9fe"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 opensans-400-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 1327 16 KB
17 KB 48ms
48ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-400.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f077-4164"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H2 200 opensans-700-latin.woff2
static.criteo.net/design/googlefont/opensans/ Frame 1327 16 KB
16 KB 45ms
45ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/opensans/opensans-700-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/opensans/opensans-700.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/opensans/opensans-700.css
Origin: https://ads.eu.criteo.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:33 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:11:05 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f079-3ff4"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sun, 17 Mar 2024 14:09:33 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 185ms
93ms XHR
application/json 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230321&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7f95910c4e02f643e2d5309a27087a3c8244d8df4c3db19006ec5b90f1b01b6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:34 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11207
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Thu, 23 Mar 2023 14:09:34 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 105B 13 KB
5 KB 46ms
41ms Document
text/html 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

accept-ranges: bytes
age: 1407
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 13:46:07 GMT
expires: Fri, 22 Mar 2024 13:46:07 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4AFB 783 B
1 KB 156ms
55ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8a2f830d2ac0a9655078fcb1a9520e018580ae66a7442fb18683be60ccc09ff2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-3qb-LTnkrPWAGOYQ9VHtJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ceoemail.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-3qb-LTnkrPWAGOYQ9VHtJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 23 Mar 2023 14:09:34 GMT
expires: Thu, 23 Mar 2023 14:09:34 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js Show response
pagead2.googlesyndication.com/bg/ Frame 105B 36 KB
14 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Fk605tn75I7u4VFctBJxn2hxp-OwiAUnR3ugWvNbq78.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 13:43:42 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1552
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14303
x-xss-protection: 0
last-modified: Mon, 20 Mar 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 22 Mar 2024 13:43:42 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7789 42 B
64 B 81ms
79ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsscEC5rCp8Hw6iZOvOz9v8IwzYjHqbK7eXLBOiztvVQNbJU_NSqv1qScMBI9__8iOwNAqiuunwd7TguMbEn6K26T-IE&sig=Cg0ArKJSzIE6ipLK9jIPEAE&id=lidar2&mcvt=1031&p=0,0,600,160&mtos=1031,1031,1031,1031,1031&tos=1031,0,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4205943629&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679580572493&rpt=927&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 14:09:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 4AFB 0
0 81ms
80ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230321&jk=3331841615757290&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

POST
H2 200 all
csm.eu.criteo.net/ Frame 3921 0
127 B 52ms
51ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 23 Mar 2023 14:09:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 105B 0
10 B 46ms
45ms Image
text/plain 2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?jwOvrQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

date: Thu, 23 Mar 2023 14:09:34 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9E42 42 B
64 B 87ms
84ms Fetch
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuVqxW6y5sJBzCwEod3CXh-S2QaTEIEgjWDa52zfdANAJKMzv-Re0DHtwoSGj4x6mSeJlVm7g1ujtkv0Vc-1iSXWIiU&sig=Cg0ArKJSzKG4M3j5vZB4EAE&id=lidar2&mcvt=1001&p=0,0,600,160&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230320&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=4205943629&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1679580572503&rpt=1149&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 23 Mar 2023 14:09:34 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 1327 0
127 B 39ms
39ms Ping
text/plain 2a02:2638::21
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::21 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Thu, 23 Mar 2023 14:09:34 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 82ms
81ms Image
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230321&jk=3331841615757290&bg=!ZmWlZTHNAAbO2UOH7tk7ADkAdvg8WiwE2Tk3uJSndi-ufznARt73zzaN18DZiBqGfM4sWSvBnQ8xtogc_UmgHRv8fRoH5W1qbzACAAAAy1IAAAACaAEHCgBvge9MUP7PYLRj7ApGaTi29FTgEGFtRvna-vrZ3z_gN96H64hzCCXVjH1m32kdEv4BKIyO09zbunubmpFEph5_f-qDRg8UO-yLOaqzZcYLBcWVn9W-VE03KYdH65P8keZtcyBtyyDieewc6wa7lNbomQKjmUu0FC6l0Won3N9iZIadsuSxzwPxmfbzrEqF6JZ8vTYGXcf0zVXaN8P3s9pr7SNOZDPq7V_rEAv2WfVatKOvSCM88DSqBBp2mYIqEi2vk9tth5-R1tBPUywbpLHn6DTuvuvt8KattojORU7Jw7ThDbxkOp9Gan5e0D-Vfwu20B4IGgl2CSFz0AOeYyQ8CQswe6LH6Ft_ppJkfPVl9IsShBfDiwheTuVJK2aExXpI-3FXqFLJwidvLcHt41oyyz7FgIkbmXY4dluoUvKOZe5wXF0bvlWYdwlCV1YGVs2OOUCW9Hkzmor4a06SUTGGVUceorRT5RL5bqqfVvcb_hZRA5bCSKBnwD-EOVJG5kTgLBY1Nkr4NWjA9M7zRPjgztmNn3RzBZHivU_2rlu7Q7OypBTdMIWh52dtupD0c4CetQXFuvE5p-4wIolK2n1OxgrwpkVh65zEUdMrGy5GmEF8EPfGtmfaRBCPvG_Zqf4mrF26UHg5c2QUv3Ugp8L3JmmlrvSug2MwbxWZR9SmngAyd1udE-V13x4Bq886ZnhUfy-lhO5nXxOO2BSsAvk16PUZKzQP_EFISKgz8TpBAynAwzR6gNc9GX7tZ8NNfesYODBePwL5lctYZpHWP7AxPcmSymO-5uwCp4j-_qrke4jHyBYssVaHu2VOfKoUyX1cl90wPV8P08USBfk0DYYc9VIRUC_0bo5d-1tRMB5bOGXqy_glyapcZlvC2VdX0GIaVwROIJpLj_9whn3tCyu5KgMEwzjveGjusbvx2Kn8IZQqwRm22kNy6T3pszxlAwFhJDQMW8kdmK5NW65p0z1re_QVhKRRWHsXjvHgPJg0ikEavLpajQ1c81dmxus-BlY2j3TaseHLvHW6GTiQVDlLJr-TkeOu
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://ceoemail.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.110 Safari/537.36

Response headers

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Verdicts & Comments Add Verdict or Comment

46 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

8 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.ceoemail.com/	1970-01-20 10:34:26	Name: url Value: http%3A%2F%2Fwww.ceoemail.com%2Fs.php%3Fid%3Dceo-77191
.ceoemail.com/	1970-01-20 10:34:26	Name: id Value: 77191
.ceoemail.com/	1970-01-20 10:34:26	Name: number Value: 0
.ceoemail.com/	1970-01-20 10:34:26	Name: e Value: 1
.ceoemail.com/	1970-01-20 19:54:36	Name: __gads Value: ID=6c80021512bf9a63-224a81cd68dd007e:T=1679580572:RT=1679580572:S=ALNI_MbNujOhGoUY0LRSD-mXWkvOZk2TjQ
.ceoemail.com/	1970-01-20 19:54:36	Name: __gpi Value: UID=00000bcb0b02fcb0:T=1679580572:RT=1679580572:S=ALNI_MYM_C3XwcnhFCzyKHxKLVsjT8bjsw
.doubleclick.net/	1970-01-20 19:54:36	Name: IDE Value: AHWqTUkxoNhrUnvv3wkNQkCEOVtnBiR0oRIhquWTvHRGoJVjPsrio4g-OCsNrtyYeDw
.doubleclick.net/	1970-01-20 10:33:01	Name: test_cookie Value: CheckForPermission

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://ceoemail.com/ceoblank.php?r=b Message: Mixed Content: The page at 'https://ceoemail.com/ceoblank.php?r=b' was loaded over HTTPS, but requested an insecure script 'http://pagead2.googlesyndication.com/pagead/show_ads.js'. This request has been blocked; the content must be served over HTTPS.
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0390685968784255&output=html&h=600&slotname=1642069567&adk=4205943629&adf=745599300&pi=t.ma~as.1642069567&w=160&lmt=1679580572&format=160x600&url=https%3A%2F%2Fceoemail.com%2Fceoblank.php%3Fr%3Db&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&dt=1679580572256&bpp=7&bdt=301&idt=214&shv=r20230321&mjsv=m202303160101&ptt=9&saldr=aa&abxe=1&correlator=2746337005577&frm=20&pv=2&ga_vid=828650223.1679580572&ga_sid=1679580572&ga_hid=678660717&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=8&ady=8&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44777876%2C44759837%2C44759926%2C42531706%2C44785293&oid=2&pvsid=3331841615757290&tmod=2014471857&uas=0&nvt=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=d%7C%7CleE%7Cp&abl=XS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=yK9xPpHZeZ&p=https%3A//ceoemail.com&dtd=235 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.co.uk
adservice.google.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
ceoemail.com
csm.eu.criteo.net
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
rtb.nl3.eu.criteo.com
static.criteo.net
tpc.googlesyndication.com
www.ceoemail.com
www.google.com
www.googletagservices.com
pagead2.googlesyndication.com
178.250.1.6
213.246.101.54
2606:4700::6811:180e
2a00:1450:4001:80b::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2001
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:3::9
2a02:2638::21
2a02:2638::3e
2a02:2638::c
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
164eb4e6d9fbe48eeee1515cb412719f6871a7e3b0880527477ba05af35babbf
1baff9bf8d69c7de6ea553b53218dc5990e8a58d69200bab0c4763e70639fef4
1bdacc28cd294ec7b1acc18f192b18459ae271f61ed59ee2e07035034c0c91da
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
34538388fdc926429d1544ddba61ea522cfd4a8ef577b1ae2ca5a0f0e57c8735
3cd346aff1efcc38119a600f75667ba0089a7a6bece2b905503fb7c0c65ddcb8
3d3998833f8c1a0381d3072a8606d44f9398fa3888426f960deb3a0b40d983cc
4081a85ff30639bccaafdef4278739783a664a5875339949f31f060d4b53fd1f
49837ab7e55983253d2e6ac7f64402fcbe086f0393e11ec0e21708a4a56eef8c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5ef2ffc58e4ab1f08c114f44d05c2e226fdcd674fefdae984a3818d8a15d770e
5fb167190ab6cca248e5ef6e8fa80a5040b241547f4a0dc114a6ce47ae9d616d
60bcafbd631f6fa0805e158ca3b235e76225350db6fbb423596d4c4954b27573
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
688a83886a5a759614fb53d73736845837de908ce3553b146471782995bc5943
6ec3ead3795b3ada1d2fa196f0bfa36bdff6ebd1f9d078f4bfe40b9500b137e3
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
7f95910c4e02f643e2d5309a27087a3c8244d8df4c3db19006ec5b90f1b01b6e
83dd1a8208a83ec90a9a2d7774ab28e4b93b3eba53fb6a3fd444eb7e389ecbff
854c74aef44ae9e595afb1102cf407bdc6c81689f745b052491675a42b6b8dcb
8a2f830d2ac0a9655078fcb1a9520e018580ae66a7442fb18683be60ccc09ff2
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8ee757a762db05255b22b93942a25cbb6cf4a0cc2a066cddc39b2cb4a7355282
9af6c866e41f78df733ed29345adf32626b4eca73dfcf7811690868b5ab83e3f
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a28ba52a817286c532204a21360bd27348a2807e28246e5fe477a3dfe9dac0f7
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
b89235ac884c9df06d946f7446e878fdbcdf820ba704331ba17e9183f60462df
bc6f553554002b84016dd09f660e3a86eb051181541f3cc8f80bf780666e91a7
c4ed3dd6d6611d7ffc69dc7c934c69a2d75ae0a1df60fb478e6970cf7c959a03
ca070dfc7785775cbf5cce16064029ee534259de42c6d9de10e476e710000e93
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1cf45e4447ced92d525cb1354d5916c08617417e447274923d6afdc8190471d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f885ec8a0a68847aff7c6bb94968bf7cb5099c0c449ae1535cf8515cc0ff8e18
fe14bc8a4e294c047589838fd09a3efc81771751a0be03ea8ec99e734e965fd2

ceoemail.com Open in urlscan Pro 213.246.101.54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

65 Requests

98 %HTTPS

87 %IPv6

10 Domains

18 Subdomains

16 IPs

4 Countries

719 kBTransfer

1589 kBSize

8 Cookies

7 Outgoing links

Page URL History

Redirected requests

65 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

ceoemail.com Open in urlscan Pro
213.246.101.54 Public Scan

Screenshot
Live screenshot

Full Image

65
Requests

98 %
HTTPS

87 %
IPv6

10
Domains

18
Subdomains

16
IPs

4
Countries

719 kB
Transfer

1589 kB
Size

8
Cookies

65 HTTP transactions
2 data transactions