www.projecthoneypot.org Open in urlscan Pro
209.124.55.40 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
Effective URL:
https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
Submission: On April 22 via api (April 22nd 2022, 8:32:49 am UTC) from DE — Scanned from DE

Summary HTTP 89 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 5 countries across 17 domains to perform 89 HTTP transactions. The main IP is 209.124.55.40, located in Ann Arbor, United States and belongs to 123NET, US. The main domain is www.projecthoneypot.org. The Cisco Umbrella rank of the primary domain is 616491.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on October 30th 2021. Valid for: a year.

This is the only time www.projecthoneypot.org was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 6	209.124.55.40 209.124.55.40	12129 (123NET) (123NET)
11	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2008	15169 (GOOGLE) (GOOGLE)
1	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:827::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:2638::2 2a02:2638::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:1::4 2a02:2638:1::4	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2600:9000:224... 2600:9000:224a:5000:1e:a43d:b640:93a1	16509 (AMAZON-02) (AMAZON-02)
2	178.250.2.148 178.250.2.148	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
14	178.250.2.135 178.250.2.135	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	178.250.2.150 178.250.2.150	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a02:2638:1::2 2a02:2638:1::2	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1 1	52.18.148.209 52.18.148.209	16509 (AMAZON-02) (AMAZON-02)
3	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2 2	69.192.160.219 69.192.160.219	16625 (AKAMAI-AS) (AKAMAI-AS)
1	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8100:8701:aae2:1118:ca9	16509 (AMAZON-02) (AMAZON-02)
89	22

6 209.124.55.40 (Ann Arbor, United States) 1 redirects

ASN12129 (123NET, US)
PTR: www.projecthoneypot.org

www.projecthoneypot.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::4 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:224a:5000:1e:a43d:b640:93a1 (United States)

ASN16509 (AMAZON-02, US)

secure-gl.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.2.148 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 178.250.2.135 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: pix.am5.vip.prod.criteo.com

pix.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 178.250.2.150 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::2 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.nl.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.148.209 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-148-209.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.192.160.219 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-219.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8100:8701:aae2:1118:ca9 (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	criteo.net static.criteo.net — Cisco Umbrella Rank: 632 pix.eu.criteo.net — Cisco Umbrella Rank: 7400 csm.eu.criteo.net — Cisco Umbrella Rank: 7420	62 KB
18	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 98 tpc.googlesyndication.com — Cisco Umbrella Rank: 128	305 KB
9	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 cm.g.doubleclick.net — Cisco Umbrella Rank: 211	33 KB
6	criteo.com rtb.fr.eu.criteo.com — Cisco Umbrella Rank: 13058 ads.eu.criteo.com — Cisco Umbrella Rank: 7422 cat.nl.eu.criteo.com — Cisco Umbrella Rank: 9555 rtb.nl.eu.criteo.com — Cisco Umbrella Rank: 11325	100 KB
6	projecthoneypot.org 1 redirects www.projecthoneypot.org — Cisco Umbrella Rank: 616491	18 KB
5	google.com adservice.google.com — Cisco Umbrella Rank: 77 www.google.com — Cisco Umbrella Rank: 4	2 KB
3	google.de adservice.google.de — Cisco Umbrella Rank: 7579	1 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 1696	1 KB
2	imrworldwide.com secure-gl.imrworldwide.com — Cisco Umbrella Rank: 1396	1 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 176	73 KB
2	google-analytics.com ssl.google-analytics.com — Cisco Umbrella Rank: 279	17 KB
1	innovid.com ag.innovid.com — Cisco Umbrella Rank: 1591	296 B
1	mookie1.com odr.mookie1.com — Cisco Umbrella Rank: 962	356 B
1	everesttech.net 1 redirects pixel.everesttech.net — Cisco Umbrella Rank: 3287	376 B
1	quantserve.com cms.quantserve.com — Cisco Umbrella Rank: 1127	465 B
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 794	651 B
0	gemius.pl Failed googlecm.hit.gemius.pl Failed
89	17

	Domain	Requested by
14	pix.eu.criteo.net	ads.eu.criteo.com
14	static.criteo.net	ads.eu.criteo.com
11	pagead2.googlesyndication.com	www.projecthoneypot.org pagead2.googlesyndication.com www.googletagservices.com tpc.googlesyndication.com googleads.g.doubleclick.net
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net www.projecthoneypot.org
6	www.projecthoneypot.org	1 redirects www.projecthoneypot.org
4	csm.eu.criteo.net	ads.eu.criteo.com
3	cm.g.doubleclick.net	googleads.g.doubleclick.net
3	adservice.google.com	pagead2.googlesyndication.com
3	adservice.google.de	pagead2.googlesyndication.com
2	e.dlx.addthis.com	2 redirects
2	www.google.com	tpc.googlesyndication.com googleads.g.doubleclick.net
2	cat.nl.eu.criteo.com	ads.eu.criteo.com
2	secure-gl.imrworldwide.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	ssl.google-analytics.com	www.projecthoneypot.org
1	ag.innovid.com	googleads.g.doubleclick.net
1	odr.mookie1.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	cms.quantserve.com	googleads.g.doubleclick.net
1	rtb.nl.eu.criteo.com	www.projecthoneypot.org
1	rtb.fr.eu.criteo.com	googleads.g.doubleclick.net
1	partner.googleadservices.com	pagead2.googlesyndication.com
0	googlecm.hit.gemius.pl Failed	googleads.g.doubleclick.net
89	25

This site contains links to these domains. Also see Links.

Domain
www.cafepress.com
www.facebook.com
www.twitter.com
bt50.org
www.cloudflare.com
www.unspam.com
www.actwiki.com

Subject Issuer	Validity	Valid
*.projecthoneypot.org Sectigo RSA Domain Validation Secure Server CA	`2021-10-30` - `2022-11-29`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.fr.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-13` - `2022-06-09`	3 months	crt.sh
*.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-19` - `2022-06-18`	3 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-11` - `2022-07-13`	3 months	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2022-01-04` - `2023-02-03`	a year	crt.sh
*.nl.eu.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-15` - `2022-06-13`	3 months	crt.sh
*.eu.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-10` - `2022-07-04`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-11` - `2022-07-04`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2022-02-24` - `2023-03-27`	a year	crt.sh
*.innovid.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-15` - `2023-04-15`	a year	crt.sh

This page contains 10 frames:

Primary Page: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
Frame ID: BFF76DF1B594001506B83333AA9DB7A2
Requests: 21 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6572552607348631&output=html&h=610&adk=3839013157&adf=2112710622&w=160&lmt=1650616364&channel=7995546293&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=000000&color_text=000000&color_url=003399&url=https%3A%2F%2Fwww.projecthoneypot.org%2Fip_e4f1def7f06f5e8ea9c95602fa813050&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650616364792&bpp=12&bdt=398&idt=94&shv=r20220420&mjsv=m202204200101&ptt=5&saldr=sa&abxe=1&correlator=2962720031446&frm=20&pv=2&ga_vid=795867579.1650616365&ga_sid=1650616365&ga_hid=1569397422&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067068%2C31067205&oid=2&pvsid=523428748272482&pem=767&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JodPJZdIMB&p=https%3A//www.projecthoneypot.org&dtd=108
Frame ID: 97C585C8979BE5110E8AD35719334B9C
Requests: 8 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmJoLAAOz0AK7fkBAA33Wuvmdj6MOBaiheNEDg&u=%7CMixRPri2U7KX3VEVjfnzofqKQBFinnVfQF3xi8wE9Qs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj1Fo-3X1GkDKFY1EPgVNfZSVg9eKZqlgOzx0VSz1GPPNEr3wIfwj7oT6NCo9dniMqeDEdQ1vZKUWiQIfRnTQw1fV2HreplpIYG6r8Efb78qv_f6NYIXbCtHtAo9MnMUcStDTh22Boc35ZFQmacs8ER_6MZ__Zl77JdZj0iRyOvNYfh571KZbpHHwE-CmXbZ_bpVlK6FBVGlPg-oFOUhLSv1A_4kpg3MW-3y-JmZqZ1gXdSEsrTXnvNuSdLBsRG1GcdHXQeSyEzD0CWP8fScbLYGUpNKt3xcYIy4mA4LTy0riKeYDxX8kGLDt7a9lEMFjU7GPZUj6i-lLM8WkxRUf29BfWD87XnMuX2dx2TVPEF2yr-BUlreOLl7a7FAyr7Nc1z36-UEEaNZn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIGeLGhiYsCeO4Hytwfa7rfAAcme0rFc1Z2R93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTiAU_QZh43ueRVRNQjb5haobatHeJprskBHUGgBNflm5C1RP1xoRHzSHtuUCjkBmQ2uIw7EvlZOA-zg8MwxEHgAYxFSfbI4GgyKQsxjAzleHC5bWBPD6qdpkhnaqUZFQ9MN57KUXvtItqQ05VrB4UVuOmXvvCU7bRL3VWX62e4GtDNPHDF8EjfoTRyrN1owemqul0WR65XrkWUeTl_XQgG-kxW3vs5XAxp5ll8WfReKYwJKmRqrF7pVednWLxZdergLmz5jwwPGtt4fBYYP1dspiD2VoGnEzTXbIEBfaoWP34WMOyABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0r4IJqakA70xOLx8TnfBy5hgltlQ%26client%3Dca-pub-6572552607348631%26adurl%3D
Frame ID: 07D0E5AD019ACEBEC6D8FC0B9527D8E5
Requests: 22 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html
Frame ID: 7B1F08CB89FB9399775B55BEEA9232AC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6572552607348631&output=html&adk=1812271804&adf=3025194257&lmt=1650616366&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=7995546293&format=0x0&url=https%3A%2F%2Fwww.projecthoneypot.org%2Fip_e4f1def7f06f5e8ea9c95602fa813050&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650616366155&bpp=2&bdt=1762&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e4b0ba1b48954fd-225bacbb7ccd00b1%3AT%3D1650616364%3ART%3D1650616364%3AS%3DALNI_MadvILLzLSbv8owJZyaF5LSh2JIRQ&prev_fmts=160x600_as&nras=1&correlator=2962720031446&pv_ch=7995546293%2B&frm=20&pv=1&ga_vid=795867579.1650616365&ga_sid=1650616365&ga_hid=1569397422&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067068%2C31067205&oid=2&psts=AGkb-H-kbnKhjw1EQagIPnnRJIO-Blvf3CNhltk21xu_v6GNBCAYqMFEQ7W7gK8h4riVZkV75CaYfwdKJ1mf&pvsid=523428748272482&pem=767&tmod=633630603&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=24
Frame ID: 73FCE6E14C4FB5C8A5A8308E1136D1BD
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F0A8364C0779BF8CB7D2DC36780F0964
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1D61C0BFF9A9F20737F44C375C93758D
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Frame ID: 4B82899C398ABE9C24A95E6AE9154FD2
Requests: 9 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmJoLgADOdsK7eCLAAI9-rI20CZFMhEmn8BBDQ&u=%7CSKK4pMk5ZVpgIsgaOfstE4p7R55QABbqp1sdULH9%2FUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0fMK47SxQE1alVzB4J2G-G9papqZ0DrC31xMRbH_yVNlYADAcOeqrN28QPSfyZ0FiQrpv4ZFKo4UTcqQ54J4HljiafkMPi5y5xgtBawUg7DsOZAlWBFl2Z8s14b6nRafc8ME81LGrgsgsLaVXBF7fuYaxwKqf0VIljalZJD7syoi4rlHB8mCqSFoUU1OC9cfryx-rmeuB-0hgO7NMAFw-kDWEXbmAtcJo3yD-YFyOpQu0tzE6dCpxNO1v2imcgrzWvFWs_NnDAwEKzlN9wlaE1okXDwvire3BRpg_UsOJOoU22M7GRlrFD52b22E5-jZiORgTbLiBSQKiwehW5DDJxGrXjELyS1psvApiR7ZSb284zBzEMJHKTT&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWBJwLmhiYtvzDIvBtwf6-4j4A8me0rFcvY6X93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTjAU_QeBF_pntG3FOETyLwU3o-iA8LzfQ2IftK_QdSkfkQxaBdqO4c3d-yvLF0qmEkq3OAKJWOUFI2ipurbxHCrfdoaC18XfICmZF9m-5NDXX-oaHgyvfCFdKu1QHVx4kmO1rk_gbNZ25BnoBUi8-vmjLzOckXv3rcmTTTOZLFtDk5CVqiEOxOweTgtPi7l8dvMP6OOhAo96C2Qf-ln6vuJcqmm8s2cqeeNXD2OfvVyAssC8Myk1PU0G6S_OIVD2yC9kMLdmENgZ8BqkKGAUqZ8sIFz34-BuqPC8vyU_QzdVU5Y8wdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PKN3abMEa4QKyJ7qjC4Glamx9gQ%26client%3Dca-pub-6572552607348631%26adurl%3D
Frame ID: D9E9A8F95950AAAA84D899D6D5D6D57B
Requests: 16 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 9EF8F8253C489ABD53EC9D6D7E0AD609
Requests: 8 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

IP Address Inspector | Project Honey Pot

Page URL History Show full URLs

http://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050 HTTP 302
https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050 Page URL

Detected technologies

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Page Statistics

89
Requests

97 %
HTTPS

61 %
IPv6

17
Domains

25
Subdomains

22
IPs

5
Countries

614 kB
Transfer

1628 kB
Size

20
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.cafepress.com/projecthoneypot
Title: Buy Swag

Search URL Search Domain Scan URL

URL: http://www.facebook.com/pages/Project-Honey-Pot/241276949072

Search URL Search Domain Scan URL

URL: http://www.twitter.com/projecthoneypot

Search URL Search Domain Scan URL

URL: https://bt50.org/nonalignedfrequent.php?entry_id=0

Search URL Search Domain Scan URL

URL: http://www.cloudflare.com/
Title: Cloudflare Site Protection

Search URL Search Domain Scan URL

URL: http://www.unspam.com/
Title: Unspam Technologies

Search URL Search Domain Scan URL

URL: http://www.actwiki.com/nadmin/admin
Title: contact | wiki | email

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050 HTTP 302
https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 65

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIl3u_iWrNbk4YGHMPXeZ1c3d0GWW7VzjlAArrrUFJknzfEUugTvAmYSyleNFdKhQz-KunURp4c4WFdl2SEaRjj2QM5emFF&google_gid=CAESEKw2Eh3NBvd0Xhl1fEVbMbw&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1Kb0xnQUFBTGF0cGxuWQ&google_push=AYg5qPIl3u_iWrNbk4YGHMPXeZ1c3d0GWW7VzjlAArrrUFJknzfEUugTvAmYSyleNFdKhQz-KunURp4c4WFdl2SEaRjj2QM5emFF

Request Chain 66

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJZtY03lYo5TkLQpDksaHYCAfBtK4I4_O76ifnWjdA9cHE5bp2BTNuOLBWN5yZ6vwxKltnKN2dBYlTpq2W_dW8Bn-DwLwE&google_gid=CAESELGP41M4f_-cqgcx4S-EoPI&google_cver=1 HTTP 302
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJZtY03lYo5TkLQpDksaHYCAfBtK4I4_O76ifnWjdA9cHE5bp2BTNuOLBWN5yZ6vwxKltnKN2dBYlTpq2W_dW8Bn-DwLwE&google_gid=CAESELGP41M4f_-cqgcx4S-EoPI&google_cver=1&rd=Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjIwODMyNDYwMDAyMjY2MTY3NzIxMg%3D%3D&google_push=AYg5qPJZtY03lYo5TkLQpDksaHYCAfBtK4I4_O76ifnWjdA9cHE5bp2BTNuOLBWN5yZ6vwxKltnKN2dBYlTpq2W_dW8Bn-DwLwE

89 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request ip_e4f1def7f06f5e8ea9c95602fa813050 Show response
www.projecthoneypot.org/
Redirect Chain

http://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

8 KB
3 KB

391ms
133ms

Document
text/html

209.124.55.40
123NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.124.55.40 Ann Arbor, United States, ASN12129 (123NET, US),

Reverse DNS

www.projecthoneypot.org

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

b093e979413460dd831afc81d64faa096b9a005e4cdf0d2b155a0ddcd9ad9f1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 22 Apr 2022 08:32:44 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: nginx/1.14.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

Redirect headers

Connection: keep-alive
Content-Length: 170
Content-Type: text/html
Date: Fri, 22 Apr 2022 08:32:43 GMT
Location: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
Server: nginx/1.14.0 (Ubuntu)
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Frame-Options: DENY

GET
H/1.1 200
OK hp.css
www.projecthoneypot.org/css/ 11 KB
3 KB 128ms
128ms Stylesheet
text/css 209.124.55.40
123NET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.projecthoneypot.org/css/hp.css

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.124.55.40 Ann Arbor, United States, ASN12129 (123NET, US),

Reverse DNS

www.projecthoneypot.org

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

39eb71c9628e5cb1bd500fa1525c7e3a0caecc403dc140c4aeed591eef18d652

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 08:32:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 24 Apr 2020 19:44:23 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: W/"5ea34197-2a6d"
X-Frame-Options: DENY
Content-Type: text/css
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=31536000

GET
H/1.1 200
OK php_logo.gif
www.projecthoneypot.org/images/ 6 KB
6 KB 256ms
127ms Image
image/gif 209.124.55.40
123NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.projecthoneypot.org/images/php_logo.gif

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.124.55.40 Ann Arbor, United States, ASN12129 (123NET, US),

Reverse DNS

www.projecthoneypot.org

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

36ea8030974e462c5f768759d5fd3ea7b5cf501e21144d2a006fc2549a2393a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 08:32:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Apr 2018 06:48:16 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ae6bc30-16ad"
X-Frame-Options: DENY
Content-Type: image/gif
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 5805

GET
H2 200 show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 115 KB
40 KB 74ms
29ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c9ab9641c7584d903d671ca719aa35b4a47c6b8c592a0a4d2c0422e4baa72418

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40030
x-xss-protection: 0
server: cafe
etag: 6246881389280791248
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 08:32:44 GMT

GET
H/1.1 200
OK facebook72.png
www.projecthoneypot.org/images/ 2 KB
2 KB 246ms
126ms Image
image/png 209.124.55.40
123NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.projecthoneypot.org/images/facebook72.png

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.124.55.40 Ann Arbor, United States, ASN12129 (123NET, US),

Reverse DNS

www.projecthoneypot.org

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

34f4e0ba3a52886710c0360d3f8f35352b6c0a73c7181f690c135b1d24eaa8f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 08:32:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Apr 2018 06:48:15 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ae6bc2f-633"
X-Frame-Options: DENY
Content-Type: image/png
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 1587

GET
H/1.1 200
OK twitter72.png
www.projecthoneypot.org/images/ 3 KB
4 KB 254ms
127ms Image
image/png 209.124.55.40
123NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.projecthoneypot.org/images/twitter72.png

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

209.124.55.40 Ann Arbor, United States, ASN12129 (123NET, US),

Reverse DNS

www.projecthoneypot.org

Software

nginx/1.14.0 (Ubuntu) /

Resource Hash

edf68bca77c1574b585c5d63278fde9e26c58f1c5d39d3fd5ad68c2cfde47ffb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Date: Fri, 22 Apr 2022 08:32:44 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 30 Apr 2018 06:48:17 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "5ae6bc31-ceb"
X-Frame-Options: DENY
Content-Type: image/png
Connection: keep-alive
Strict-Transport-Security: max-age=31536000
Accept-Ranges: bytes
Content-Length: 3307

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/ 305 KB
109 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=pub-6572552607348631&plah=www.projecthoneypot.org&bust=31067205

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a7599f277cabb2c2183be5bc58800d445d077301030195cb0787774752932aac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111275
x-xss-protection: 0
server: cafe
etag: 5337111316625719943
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 08:32:44 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 59ms
23ms Script
text/javascript 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.projecthoneypot.org/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 5085
date: Fri, 22 Apr 2022 07:07:59 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Fri, 22 Apr 2022 09:07:59 GMT

GET
H3 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
54 B 52ms
21ms Image
image/gif 2a00:1450:4001:80e::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1893904620&utmhn=www.projecthoneypot.org&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=IP%20Address%20Inspector%20%7C%20Project%20Honey%20Pot&utmhid=1569397422&utmr=-&utmp=%2Fip_e4f1def7f06f5e8ea9c95602fa813050&utmht=1650616364878&utmac=UA-51163191-1&utmcc=__utma%3D28036733.795867579.1650616365.1650616365.1650616365.1%3B%2B__utmz%3D28036733.1650616365.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1539743818&utmredir=1&utmu=DAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 223 B
651 B 82ms
21ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.projecthoneypot.org&callback=_gfp_s_&client=ca-pub-6572552607348631

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/show_ads_impl_with_ama_fy2019.js?client=pub-6572552607348631&plah=www.projecthoneypot.org&bust=31067205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

96962e4866c7f248570605ed4f6bb9422127da0993447ae20793b197fd620a88

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 207
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 58ms
22ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.projecthoneypot.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 08:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 58ms
23ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.projecthoneypot.org

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 08:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 97C5 22 KB
10 KB 184ms
146ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6572552607348631&output=html&h=610&adk=3839013157&adf=2112710622&w=160&lmt=1650616364&channel=7995546293&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=000000&color_text=000000&color_url=003399&url=https%3A%2F%2Fwww.projecthoneypot.org%2Fip_e4f1def7f06f5e8ea9c95602fa813050&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650616364792&bpp=12&bdt=398&idt=94&shv=r20220420&mjsv=m202204200101&ptt=5&saldr=sa&abxe=1&correlator=2962720031446&frm=20&pv=2&ga_vid=795867579.1650616365&ga_sid=1650616365&ga_hid=1569397422&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067068%2C31067205&oid=2&pvsid=523428748272482&pem=767&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JodPJZdIMB&p=https%3A//www.projecthoneypot.org&dtd=108

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

cf9e27234b92c3288c7188fc10f14e8089075e4fe1193497fce511cf63c4b213

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.projecthoneypot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: br
content-length: 9382
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 08:32:45 GMT
expires: Fri, 22 Apr 2022 08:32:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 97C5 3 KB
1 KB 56ms
15ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6572552607348631&output=html&h=610&adk=3839013157&adf=2112710622&w=160&lmt=1650616364&channel=7995546293&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=000000&color_text=000000&color_url=003399&url=https%3A%2F%2Fwww.projecthoneypot.org%2Fip_e4f1def7f06f5e8ea9c95602fa813050&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650616364792&bpp=12&bdt=398&idt=94&shv=r20220420&mjsv=m202204200101&ptt=5&saldr=sa&abxe=1&correlator=2962720031446&frm=20&pv=2&ga_vid=795867579.1650616365&ga_sid=1650616365&ga_hid=1569397422&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067068%2C31067205&oid=2&pvsid=523428748272482&pem=767&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JodPJZdIMB&p=https%3A//www.projecthoneypot.org&dtd=108

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:11:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 08:11:13 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 97C5 15 KB
7 KB 54ms
13ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:00:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1907
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6368
x-xss-protection: 0
server: cafe
etag: 1861550861606854559
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 08:00:58 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 97C5 119 KB
37 KB 66ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 08:32:45 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 97C5 0
0 79ms
57ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CJ979LGhiYsCeO4Hytwfa7rfAAcme0rFc1Z2R93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTfAU_QZh43ueRVRNQjb5haobatHeJprskBHUGgBNflm5C1RP1xoRHzSHtuUCjkBmQ2uIw7EvlZOA-zg8MwxEHgAYxFSfbI4GgyKQsxjAzleHC5bWBPD6qdpkhnaqUZFQ9MN57KUXvtItqQ05VrB4UVuOmXvvCU7bRL3VWX62e4GtDNPHDF8EjfoTRyrN1owemqul0WR65XrkWUeTl_XQgG-kxW3vs5XAxp5ll8WfReKYwJKmRqrF7pVednGr54521vsn9GExisyubehB8MNeFmiDh04kmatcZocq0Z-ACSLMGABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBABgAoB-gsCCAGADAHQFQGAFwGyFxoKGBIUcHViLTY1NzI1NTI2MDczNDg2MzEYAA&sigh=M7dCfpqMly4&uach_m=[UACH]&cid=CAQSGwCNIrLMGPpNtNTwVE-0RuBwNIeQIzO9TUDKAhgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6572552607348631&output=html&h=610&adk=3839013157&adf=2112710622&w=160&lmt=1650616364&channel=7995546293&ad_type=text_image&format=160x600_as&color_bg=FFFFFF&color_border=FFFFFF&color_link=000000&color_text=000000&color_url=003399&url=https%3A%2F%2Fwww.projecthoneypot.org%2Fip_e4f1def7f06f5e8ea9c95602fa813050&alt_color=FFFFFF&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650616364792&bpp=12&bdt=398&idt=94&shv=r20220420&mjsv=m202204200101&ptt=5&saldr=sa&abxe=1&correlator=2962720031446&frm=20&pv=2&ga_vid=795867579.1650616365&ga_sid=1650616365&ga_hid=1569397422&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=468&ady=415&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067068%2C31067205&oid=2&pvsid=523428748272482&pem=767&uas=0&nvt=1&eae=0&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=1&uci=a!1&fsb=1&xpc=JodPJZdIMB&p=https%3A//www.projecthoneypot.org&dtd=108
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 22 Apr 2022 08:32:45 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 22 Apr 2022 08:32:45 GMT

GET
H2 200 notify
rtb.fr.eu.criteo.com/google/auction/ Frame 97C5 0
0 76ms
16ms Fetch 2a02:2638::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8ENyBMKAB2ASdg2ICAgAAAJjwIKKp8HmwECxoYmJEP4sw4Vy_TKzEJQASAAA&wp=YmJoLAAOz0AK7fkBAA33Wuvmdj6MOBaiheNEDg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:44 GMT
server: Kestrel
server-processing-duration-in-ticks: 261664
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 07D0 199 KB
57 KB 507ms
145ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YmJoLAAOz0AK7fkBAA33Wuvmdj6MOBaiheNEDg&u=%7CMixRPri2U7KX3VEVjfnzofqKQBFinnVfQF3xi8wE9Qs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj1Fo-3X1GkDKFY1EPgVNfZSVg9eKZqlgOzx0VSz1GPPNEr3wIfwj7oT6NCo9dniMqeDEdQ1vZKUWiQIfRnTQw1fV2HreplpIYG6r8Efb78qv_f6NYIXbCtHtAo9MnMUcStDTh22Boc35ZFQmacs8ER_6MZ__Zl77JdZj0iRyOvNYfh571KZbpHHwE-CmXbZ_bpVlK6FBVGlPg-oFOUhLSv1A_4kpg3MW-3y-JmZqZ1gXdSEsrTXnvNuSdLBsRG1GcdHXQeSyEzD0CWP8fScbLYGUpNKt3xcYIy4mA4LTy0riKeYDxX8kGLDt7a9lEMFjU7GPZUj6i-lLM8WkxRUf29BfWD87XnMuX2dx2TVPEF2yr-BUlreOLl7a7FAyr7Nc1z36-UEEaNZn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIGeLGhiYsCeO4Hytwfa7rfAAcme0rFc1Z2R93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTiAU_QZh43ueRVRNQjb5haobatHeJprskBHUGgBNflm5C1RP1xoRHzSHtuUCjkBmQ2uIw7EvlZOA-zg8MwxEHgAYxFSfbI4GgyKQsxjAzleHC5bWBPD6qdpkhnaqUZFQ9MN57KUXvtItqQ05VrB4UVuOmXvvCU7bRL3VWX62e4GtDNPHDF8EjfoTRyrN1owemqul0WR65XrkWUeTl_XQgG-kxW3vs5XAxp5ll8WfReKYwJKmRqrF7pVednWLxZdergLmz5jwwPGtt4fBYYP1dspiD2VoGnEzTXbIEBfaoWP34WMOyABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0r4IJqakA70xOLx8TnfBy5hgltlQ%26client%3Dca-pub-6572552607348631%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

43685ceb42651d0bd22a26d8d7dbf397a41843cfa9c2b59d9de8ce054afa7d3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 08:32:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=diMnEQm1FaZhmBKaG9lle7knayR6AyO6y1L9OGK2b966gvv0Z4DU4XcTLb90Pygq-SlljOB4axJFWYrr8IcEquI1vNp9bFt0E3MWMt5ovoj1iwpW_7KTK_w26daxPMttsZD2sQMpi4W43rwsrMESBAn9n8fmJTFnh29K1rNVWjY1q-BP3pCbAhsNJJV5frLR5LwA3PbyIT1EMcKVh_kcEFFipRLsvuUlJp0HNr_Cj2XddZkmQ5kUSozonTVQSjgmnGf34Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 122974169
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame 97C5 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 751f62e75bc3060e83ecb1fb242b1ab6f7a76a2ca6fb6ab8a9e5e276476f05aa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 07D0 2 KB
1 KB 51ms
21ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmJoLAAOz0AK7fkBAA33Wuvmdj6MOBaiheNEDg&u=%7CMixRPri2U7KX3VEVjfnzofqKQBFinnVfQF3xi8wE9Qs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj1Fo-3X1GkDKFY1EPgVNfZSVg9eKZqlgOzx0VSz1GPPNEr3wIfwj7oT6NCo9dniMqeDEdQ1vZKUWiQIfRnTQw1fV2HreplpIYG6r8Efb78qv_f6NYIXbCtHtAo9MnMUcStDTh22Boc35ZFQmacs8ER_6MZ__Zl77JdZj0iRyOvNYfh571KZbpHHwE-CmXbZ_bpVlK6FBVGlPg-oFOUhLSv1A_4kpg3MW-3y-JmZqZ1gXdSEsrTXnvNuSdLBsRG1GcdHXQeSyEzD0CWP8fScbLYGUpNKt3xcYIy4mA4LTy0riKeYDxX8kGLDt7a9lEMFjU7GPZUj6i-lLM8WkxRUf29BfWD87XnMuX2dx2TVPEF2yr-BUlreOLl7a7FAyr7Nc1z36-UEEaNZn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIGeLGhiYsCeO4Hytwfa7rfAAcme0rFc1Z2R93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTiAU_QZh43ueRVRNQjb5haobatHeJprskBHUGgBNflm5C1RP1xoRHzSHtuUCjkBmQ2uIw7EvlZOA-zg8MwxEHgAYxFSfbI4GgyKQsxjAzleHC5bWBPD6qdpkhnaqUZFQ9MN57KUXvtItqQ05VrB4UVuOmXvvCU7bRL3VWX62e4GtDNPHDF8EjfoTRyrN1owemqul0WR65XrkWUeTl_XQgG-kxW3vs5XAxp5ll8WfReKYwJKmRqrF7pVednWLxZdergLmz5jwwPGtt4fBYYP1dspiD2VoGnEzTXbIEBfaoWP34WMOyABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0r4IJqakA70xOLx8TnfBy5hgltlQ%26client%3Dca-pub-6572552607348631%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:45 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 07D0 2 KB
1 KB 43ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:45 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 07D0 308 B
637 B 42ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 17 Apr 2023 08:32:45 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame 07D0 507 B
835 B 43ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 17 Apr 2023 08:32:45 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame 07D0 0
689 B 411ms
330ms Image
text/plain 2600:9000:224a:5000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1650616365
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmJoLAAOz0AK7fkBAA33Wuvmdj6MOBaiheNEDg&u=%7CMixRPri2U7KX3VEVjfnzofqKQBFinnVfQF3xi8wE9Qs%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_ArHr9DlvVwUA0Lh10Pk2WlfeyBMX_as4AVFYMbMe0Cm0xI9yR5IIJj1Fo-3X1GkDKFY1EPgVNfZSVg9eKZqlgOzx0VSz1GPPNEr3wIfwj7oT6NCo9dniMqeDEdQ1vZKUWiQIfRnTQw1fV2HreplpIYG6r8Efb78qv_f6NYIXbCtHtAo9MnMUcStDTh22Boc35ZFQmacs8ER_6MZ__Zl77JdZj0iRyOvNYfh571KZbpHHwE-CmXbZ_bpVlK6FBVGlPg-oFOUhLSv1A_4kpg3MW-3y-JmZqZ1gXdSEsrTXnvNuSdLBsRG1GcdHXQeSyEzD0CWP8fScbLYGUpNKt3xcYIy4mA4LTy0riKeYDxX8kGLDt7a9lEMFjU7GPZUj6i-lLM8WkxRUf29BfWD87XnMuX2dx2TVPEF2yr-BUlreOLl7a7FAyr7Nc1z36-UEEaNZn&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCeIGeLGhiYsCeO4Hytwfa7rfAAcme0rFc1Z2R93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTiAU_QZh43ueRVRNQjb5haobatHeJprskBHUGgBNflm5C1RP1xoRHzSHtuUCjkBmQ2uIw7EvlZOA-zg8MwxEHgAYxFSfbI4GgyKQsxjAzleHC5bWBPD6qdpkhnaqUZFQ9MN57KUXvtItqQ05VrB4UVuOmXvvCU7bRL3VWX62e4GtDNPHDF8EjfoTRyrN1owemqul0WR65XrkWUeTl_XQgG-kxW3vs5XAxp5ll8WfReKYwJKmRqrF7pVednWLxZdergLmz5jwwPGtt4fBYYP1dspiD2VoGnEzTXbIEBfaoWP34WMOyABtSgisukm6ijbKAGIagHipixAqgHpr4bqAeW2BuoB6qbsQKoB9-fsQLYBwDSCAcIgOGAEBAB-gsCCAGADAHQFQGAFwE%26num%3D1%26sig%3DAOD64_0r4IJqakA70xOLx8TnfBy5hgltlQ%26client%3Dca-pub-6572552607348631%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:45 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: kPwA_VSTJ2O_UF0ghWJiNTAxU4G3Bg0zkZlNEkDndde68GpijHDQNA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame 07D0 43 B
348 B 60ms
19ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=OKw65LVoxiUkYxpRvIEneF5dHbCYbFveQijTXfv9hkGeQoqPlpbAsBgzHYNpU7yJM_IdpvId4HWGt8mnP2Hy1IEShkd-gmR4aE6-cuXPF1kQdSD15zcVGvfHivxTGE2U5mS88DS2cieh8PKMDvhgIKJl3tI3mlwggGP5lwZOwQLhkTqBFI0ZCnW6GYffJh3KDnZ1sUx3b-46ok9DtuuVgJCstuoNhbPatdZ8AaS4wfvPz80ye-UKh-4DX7k0O_TnkNFEu8YUCLssiYrwQ6xsbb1bZi8lTsmQXkEDPNr_bJCU76KICAqng-F9zNkMA-GnPMDKomJZmH8qBlY_IBmOvAZ7qHWqKa0VQDZ9l3bZUxSFGD6O7CX7S-Bs_3npMoQAHD68h7aKPUDgFr3svNImP9KWBqMMbWQCYCTVoJpVvAK8e653DAKfDZOB6q4umICCyqj54g

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:45 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 3038088
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 07D0 12 KB
6 KB 15ms
14ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 9 KB
10 KB 256ms
12ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=108&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F8d6bc06124f044d4973e0db21c495799_logo.png&v=3&w=316&s=yESPooROoRi3Jpqgu1pEFu6z

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

3769f5b84f2f3c8e4da085a3a576ecb6212ccfdf72ec3b9c3501dcecc0a339ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=28595298
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 9515
expires: Sun, 19 Mar 2023 07:41:04 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 400 B
657 B 263ms
20ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=800&s=0y_71H41LXRUcFG_iY9j6SKC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:44 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 400
expires: Fri, 22 Apr 2022 08:32:45 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 1 KB
1 KB 264ms
21ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FW%2FlogoWurth-IT-GmbH-186264DE.gif%3Feb%3D1&v=3&w=800&s=Cr7TCiyGbzNL5Ejy2wlKoqXC&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

90d3f9c048cd584f0e746b158cd90e23889b6c782d444f694d74d0d2cf3bf6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=796947
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1228
expires: Sun, 01 May 2022 13:55:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 2 KB
2 KB 262ms
19ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FE%2FlogoETAS_DE.gif%3Feb%3D1&v=3&w=800&s=El731N9GN8h1ZZw5llepcZgr&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ac03615b7683528c4a36b427b1c4b0dcdd3578fb9caa7b732a96079a5cbb2dd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=293596
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1876
expires: Mon, 25 Apr 2022 18:06:02 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 1 KB
1 KB 262ms
20ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FZ%2FlogoZEISS-3427DE.gif%3Feb%3D1&v=3&w=800&s=RrXO-dKDwT9QyY0iBiT47Xw6&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=2086076
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1244
expires: Mon, 16 May 2022 12:00:42 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 2 KB
2 KB 263ms
21ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=800&s=HYbmSDVtbe5wAnm1TH3AhaIB&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1887330
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sat, 14 May 2022 04:48:16 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 2 KB
2 KB 15ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoMercedes-Benz-Tech-Innovation-187061DE-2204010840.gif%3Feb%3D1&v=3&w=800&s=MWk3vNITAepg9WqaV5vfm8_O&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

ff25eb91fba3cc29f49813fb430d9ef4cf500ced505a9eb300cdd05c015b8b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=797381
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1664
expires: Sun, 01 May 2022 14:02:27 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 2 KB
2 KB 14ms
13ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FH%2FlogoHermes-Germany-GmbH-167268DE.gif%3Feb%3D1&v=3&w=800&s=XYPZcFBKN4-qOelJXkSz9QFi&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

e02ee8d1a4a2d42f2492ed21cc0fad3c21db4e18ea6695ab32abf8541f6b7d0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1982978
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1566
expires: Sun, 15 May 2022 07:22:24 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 2 KB
3 KB 15ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FB%2FlogoBIM_Textil_Mietservice_Betriebshygiene_GmbH___Co._KG_81969DE.gif%3Feb%3D1&v=3&w=800&s=fZ1OJjPVkp6XWFcdVJDXyBEd&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

b1c0f33bd9ab974666deb7dd98c92cc3f1aef1c3950ea474cfa2c234021216e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1861
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2368
expires: Fri, 22 Apr 2022 09:03:47 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame 07D0 2 KB
3 KB 16ms
15ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F2%2FlogoKrauss-Maffei-Wegmann-GmbH-Co-KG-227044DE.gif%3Feb%3D1&v=3&w=800&s=6BHoLIkVdKqA6NxobqGbCvBL&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

1b09f22c8f31c6984f19fdc1ca31be9915b8c251236891269004a5502ba1cb34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1739787
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 2410
expires: Thu, 12 May 2022 11:49:13 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 07D0 0
128 B 374ms
16ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=diMnEQm1FaZhmBKaG9lle7knayR6AyO6y1L9OGK2b966gvv0Z4DU4XcTLb90Pygq-SlljOB4axJFWYrr8IcEquI1vNp9bFt0E3MWMt5ovoj1iwpW_7KTK_w26daxPMttsZD2sQMpi4W43rwsrMESBAn9n8fmJTFnh29K1rNVWjY1q-BP3pCbAhsNJJV5frLR5LwA3PbyIT1EMcKVh_kcEFFipRLsvuUlJp0HNr_Cj2XddZkmQ5kUSozonTVQSjgmnGf34Q&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 22 Apr 2022 08:32:45 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 07D0 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:45 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 07D0 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:45 GMT

GET
H3 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
53 KB 60ms
60ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3341770c9230631306c6ec83255abe7c82a3145235f1c4beeeb247b6aa48615a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54497
x-xss-protection: 0
server: cafe
etag: 6021373655029346809
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 08:32:46 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
10 KB 78ms
43ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20220420&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53e4b9796d810585a22f72334ee3902b7b3833d82b408f1395e3171ced15fc22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10556
x-xss-protection: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 63ms
29ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 08:32:46 GMT

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/ Frame 7B1F 10 KB
4 KB 16ms
16ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220420/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.projecthoneypot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35782
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 22:36:24 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 22:36:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 47ms
23ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.projecthoneypot.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 52ms
22ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.projecthoneypot.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73FC 40 KB
14 KB 173ms
172ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-6572552607348631&output=html&adk=1812271804&adf=3025194257&lmt=1650616366&plat=9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&channel=7995546293&format=0x0&url=https%3A%2F%2Fwww.projecthoneypot.org%2Fip_e4f1def7f06f5e8ea9c95602fa813050&ea=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&dt=1650616366155&bpp=2&bdt=1762&idt=2&shv=r20220420&mjsv=m202204200101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D0e4b0ba1b48954fd-225bacbb7ccd00b1%3AT%3D1650616364%3ART%3D1650616364%3AS%3DALNI_MadvILLzLSbv8owJZyaF5LSh2JIRQ&prev_fmts=160x600_as&nras=1&correlator=2962720031446&pv_ch=7995546293%2B&frm=20&pv=1&ga_vid=795867579.1650616365&ga_sid=1650616365&ga_hid=1569397422&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31067068%2C31067205&oid=2&psts=AGkb-H-kbnKhjw1EQagIPnnRJIO-Blvf3CNhltk21xu_v6GNBCAYqMFEQ7W7gK8h4riVZkV75CaYfwdKJ1mf&pvsid=523428748272482&pem=767&tmod=633630603&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=2&uci=a!2&fsb=1&dtd=24

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5215a77c8430f33b51ca49a1452dd6cb1855916e9c13cdd7942b6618463febe8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.projecthoneypot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-encoding: br
content-length: 14757
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 08:32:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F0A8 13 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.projecthoneypot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 373
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 08:26:33 GMT
expires: Sat, 22 Apr 2023 08:26:33 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1D61 783 B
1 KB 68ms
29ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b0d528a2f6cc81b5177bcc76fc93fe770407f08687826f1ebf77be88db6cd7d7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-PxjiWVeMCHUDzBsq5BbgOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.projecthoneypot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 514
content-security-policy: script-src 'report-sample' 'nonce-PxjiWVeMCHUDzBsq5BbgOw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 08:32:46 GMT
expires: Fri, 22 Apr 2022 08:32:46 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 97C5 42 B
64 B 50ms
50ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstpdMYqhNbif2mXSkyffufM9JCHNQeHm-kGKZZLPLscBbxezn7DJFuNRhPPYL0Y_aNdMSdq5J7gNh1n7MTJ746-&sig=Cg0ArKJSzGCI2dobioJaEAE&id=lidar2&mcvt=1000&p=0,0,600,160&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=3839013157&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650616364902&rpt=309&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 OahgkAIwXXEnVYtSx7hLRSdqNDK1Dt0IuJMW5_z-SnY.js Show response
pagead2.googlesyndication.com/bg/ Frame F0A8 35 KB
13 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/OahgkAIwXXEnVYtSx7hLRSdqNDK1Dt0IuJMW5_z-SnY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39a8609002305d7127558b52c7b84b45276a3432b50edd08b89316e7fcfe4a76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 07:48:46 GMT
content-encoding: br
x-content-type-options: nosniff
age: 2640
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13787
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 22 Apr 2023 07:48:46 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1D61 0
0 55ms
54ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20220420&jk=523428748272482&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F0A8 0
9 B 13ms
13ms Image
text/plain 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?3UVmuA
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/ 145 KB
51 KB 46ms
45ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202204200101/reactive_library_fy2019.js?bust=31067205

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

01e728c61a276c2d70e77d6e4370d54e8ea119f55beb0610bb8a576af10fc207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52684
x-xss-protection: 0
server: cafe
etag: 8655445668294416613
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Fri, 22 Apr 2022 08:32:46 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 25ms
23ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.projecthoneypot.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 24ms
24ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.projecthoneypot.org

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/ Frame 4B82 10 KB
4 KB 14ms
14ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.projecthoneypot.org/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 35807
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=1209600
content-encoding: gzip
content-length: 4398
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 22:35:59 GMT
etag: 14837630671339829333
expires: Thu, 05 May 2022 22:35:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 4B82 0
0 55ms
55ms Fetch
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ch4Z6LmhiYtvzDIvBtwf6-4j4A8me0rFcvY6X93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTgAU_QeBF_pntG3FOETyLwU3o-iA8LzfQ2IftK_QdSkfkQxaBdqO4c3d-yvLF0qmEkq3OAKJWOUFI2ipurbxHCrfdoaC18XfICmZF9m-5NDXX-oaHgyvfCFdKu1QHVx4kmO1rk_gbNZ25BnoBUi8-vmjLzOckXv3rcmTTTOZLFtDk5CVqiEOxOweTgtPi7l8dvMP6OOhAo96C2Qf-ln6vuJcqmm8s2cqeeNXD2OfvVyAssC8Myk1PU0G6S_KAXLv4Fed8Yyf0ZIk88DLqPFUAv-OwdTcr2O0x9tNXeS3GZ8UaGgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAYAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi02NTcyNTUyNjA3MzQ4NjMxGAA&sigh=4XnOdYfRAvE&uach_m=[UACH]&cid=CAQSOwCNIrLM2P67lUsGA_TAOd4aVxEJr79VO-cen-4oQ1XiP5e0yqj8xKm03_AbOGyBlfSMqkiZyctAdXZBGAE

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Fri, 22 Apr 2022 08:32:46 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 notify
rtb.nl.eu.criteo.com/google/auction/ Frame 4B82 0
0 154ms
14ms Fetch 2a02:2638:1::2
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.nl.eu.criteo.com/google/auction/notify?profile=14&payload=kOb8EMz6RO0HfJ2DYgICAAAAmPAgoqnwebAQLWhiYqtxVVihA4KT7CNpABIAAA&wp=YmJoLgADOdsK7eCLAAI9-rI20CZFMhEmn8BBDQ

Requested by

Host: www.projecthoneypot.org
URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::2 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
server: Kestrel
server-processing-duration-in-ticks: 228746
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame D9E9 125 KB
43 KB 122ms
121ms Document
text/html 2a02:2638:1::4
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=YmJoLgADOdsK7eCLAAI9-rI20CZFMhEmn8BBDQ&u=%7CSKK4pMk5ZVpgIsgaOfstE4p7R55QABbqp1sdULH9%2FUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0fMK47SxQE1alVzB4J2G-G9papqZ0DrC31xMRbH_yVNlYADAcOeqrN28QPSfyZ0FiQrpv4ZFKo4UTcqQ54J4HljiafkMPi5y5xgtBawUg7DsOZAlWBFl2Z8s14b6nRafc8ME81LGrgsgsLaVXBF7fuYaxwKqf0VIljalZJD7syoi4rlHB8mCqSFoUU1OC9cfryx-rmeuB-0hgO7NMAFw-kDWEXbmAtcJo3yD-YFyOpQu0tzE6dCpxNO1v2imcgrzWvFWs_NnDAwEKzlN9wlaE1okXDwvire3BRpg_UsOJOoU22M7GRlrFD52b22E5-jZiORgTbLiBSQKiwehW5DDJxGrXjELyS1psvApiR7ZSb284zBzEMJHKTT&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWBJwLmhiYtvzDIvBtwf6-4j4A8me0rFcvY6X93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTjAU_QeBF_pntG3FOETyLwU3o-iA8LzfQ2IftK_QdSkfkQxaBdqO4c3d-yvLF0qmEkq3OAKJWOUFI2ipurbxHCrfdoaC18XfICmZF9m-5NDXX-oaHgyvfCFdKu1QHVx4kmO1rk_gbNZ25BnoBUi8-vmjLzOckXv3rcmTTTOZLFtDk5CVqiEOxOweTgtPi7l8dvMP6OOhAo96C2Qf-ln6vuJcqmm8s2cqeeNXD2OfvVyAssC8Myk1PU0G6S_OIVD2yC9kMLdmENgZ8BqkKGAUqZ8sIFz34-BuqPC8vyU_QzdVU5Y8wdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PKN3abMEa4QKyJ7qjC4Glamx9gQ%26client%3Dca-pub-6572552607348631%26adurl%3D

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::4 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

34e8c6c1e16589b39cc1116fcdb4fb07c894c31b988605a84930e115496e698f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Fri, 22 Apr 2022 08:32:45 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=h3Qidwm1FaZhmBKap7UdcUdoc4tz9USXblMRqSuDeqtwkCFO2zJCB9VmZ61bvRkoGGtCjGHcZ6JfyW3nK3ry9GqGyCNbmmB4DD-36WOAkc96jTPBViijRU3K6CRrR2nDDxPD8-2UWq3MgdKtaceFmKcnYCFILLbp5nQw2HStdc_unYgakeGl1KJt_sSBPmCvHRZB-lBrLM7TSu3Gs_hhtvtEWFFsPry2MYhMe1T2Eo51VNt4Nv4SZTW3UMlbjDEFJatqnQ"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 107485992
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H3 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 4B82 3 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:29:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 08:29:49 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 9EF8 1 KB
749 B 20ms
19ms Document
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 68794
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 21 Apr 2022 13:26:12 GMT
etag: 48472445140208031
expires: Fri, 22 Apr 2022 13:26:12 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4B82 119 KB
36 KB 80ms
28ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36950
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1650454428054601"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 22 Apr 2022 08:32:46 GMT

GET
H3 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/ Frame 4B82 15 KB
6 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:827::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220420/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 42
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6409
x-xss-protection: 0
server: cafe
etag: 15284592792851369840
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 06 May 2022 08:32:04 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4B82 0
0 85ms
33ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRxQpIaCKiNHgi8tb-PZGoZsrDmkqF5dVchCyC_tJqjrU2tyWtCRjXQNmb2h09m--o1ggNoU2n1ri-oe2O9M8rMHhnn8A
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H2 200 dpixel
cms.quantserve.com/ Frame 9EF8 35 B
465 B 40ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEMsGt8mY2N9wzrySlRLDITk&google_cver=1&google_push=AYg5qPJIGdT95rdMdb2x_rONtLKS4qncQez11mivXK68ggjKNk28tpygKHZek7-l-zBUQSJvOm6mCCekBJHy9LDfteIA_PlO4D2B

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:46 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EF8
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPIl3u_iWrNbk4YGHMPXeZ1c3d0GWW7VzjlAArr...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1Kb0xnQUFBTGF0cGxuWQ&google_push=AYg5qPIl3u_iWrNbk4YGHMPXeZ1c3d0GWW7VzjlAArrrUFJknzfEUugTvAmYSyleNFdKhQz-KunURp4c4WFdl2SEaRjj2QM5emFF

170 B
188 B

47ms
24ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1Kb0xnQUFBTGF0cGxuWQ&google_push=AYg5qPIl3u_iWrNbk4YGHMPXeZ1c3d0GWW7VzjlAArrrUFJknzfEUugTvAmYSyleNFdKhQz-KunURp4c4WFdl2SEaRjj2QM5emFF

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:46 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WW1Kb0xnQUFBTGF0cGxuWQ&google_push=AYg5qPIl3u_iWrNbk4YGHMPXeZ1c3d0GWW7VzjlAArrrUFJknzfEUugTvAmYSyleNFdKhQz-KunURp4c4WFdl2SEaRjj2QM5emFF
Date: Fri, 22 Apr 2022 08:32:46 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9EF8
Redirect Chain

https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJZtY03...
https://e.dlx.addthis.com/e/a-1189/s-3614?redirect_provider_id=3614&ru=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Ddatalogix_dmp%26google_hm%3D%3CNA_ID%3E%26google_push%3DAYg5qPJZtY03...
https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjIwODMyNDYwMDAyMjY2MTY3NzIxMg%3D%3D&google_push=AYg5qPJZtY03lYo5TkLQpDksaHYCAfBtK4I4_O76ifnWjdA9cHE5bp2BTNuOLBWN5yZ6vw...

170 B
188 B

26ms
26ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjIwODMyNDYwMDAyMjY2MTY3NzIxMg%3D%3D&google_push=AYg5qPJZtY03lYo5TkLQpDksaHYCAfBtK4I4_O76ifnWjdA9cHE5bp2BTNuOLBWN5yZ6vwxKltnKN2dBYlTpq2W_dW8Bn-DwLwE

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:47 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=datalogix_dmp&google_hm=MjAyMjA0MjIwODMyNDYwMDAyMjY2MTY3NzIxMg%3D%3D&google_push=AYg5qPJZtY03lYo5TkLQpDksaHYCAfBtK4I4_O76ifnWjdA9cHE5bp2BTNuOLBWN5yZ6vwxKltnKN2dBYlTpq2W_dW8Bn-DwLwE
pragma: no-cache
date: Fri, 22 Apr 2022 08:32:46 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
strict-transport-security: max-age=2628000
expires: Fri, 22 Apr 2022 08:32:46 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 9EF8 43 B
356 B 52ms
24ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEAgDeen4U0lqOBMuG9Zig6w&google_push=AYg5qPIAU7udIpp5CleDrcK5piyiXBF0C1cN5vA5Z_8fJmwadJrwtPryaAUJVVcICAaUascOxGsulmGTvSJBudB4coemhOEHKf1J&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:46 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 trk
ag.innovid.com/ Frame 9EF8 43 B
296 B 252ms
22ms Image
image/gif 2a05:d01c:1d8:8100:8701:aae2:1118:ca9
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEKvYt8eyYj9J3V-GMSE8xKY&google_cver=1&google_push=AYg5qPKWDjx5Zz9lNvsA9SaO_yh9GZM0lu-KRGdz_nZw5THS8MZkF03YNvRGXmiuHB4TMQshCpEAE70hp9DBjsfesjnHkGyiyhx9
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8100:8701:aae2:1118:ca9 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:46 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET googleredir
googlecm.hit.gemius.pl/ Frame 9EF8 0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame 9EF8 0
232 B 68ms
21ms Image
text/html 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13IzHOZkocrQyto2RcNNBfQ8_bUC2jVHNO7jiqF_smvs0CcFNoKMrl9sFLMPbsAEDrM

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220420/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
DATA 200
OK truncated
/ Frame 4B82 220 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 925356215a811f817a5be0a452e7ec5ea06807fde1f555aec8c09088459903a4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame D9E9 2 KB
1 KB 13ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmJoLgADOdsK7eCLAAI9-rI20CZFMhEmn8BBDQ&u=%7CSKK4pMk5ZVpgIsgaOfstE4p7R55QABbqp1sdULH9%2FUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0fMK47SxQE1alVzB4J2G-G9papqZ0DrC31xMRbH_yVNlYADAcOeqrN28QPSfyZ0FiQrpv4ZFKo4UTcqQ54J4HljiafkMPi5y5xgtBawUg7DsOZAlWBFl2Z8s14b6nRafc8ME81LGrgsgsLaVXBF7fuYaxwKqf0VIljalZJD7syoi4rlHB8mCqSFoUU1OC9cfryx-rmeuB-0hgO7NMAFw-kDWEXbmAtcJo3yD-YFyOpQu0tzE6dCpxNO1v2imcgrzWvFWs_NnDAwEKzlN9wlaE1okXDwvire3BRpg_UsOJOoU22M7GRlrFD52b22E5-jZiORgTbLiBSQKiwehW5DDJxGrXjELyS1psvApiR7ZSb284zBzEMJHKTT&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWBJwLmhiYtvzDIvBtwf6-4j4A8me0rFcvY6X93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTjAU_QeBF_pntG3FOETyLwU3o-iA8LzfQ2IftK_QdSkfkQxaBdqO4c3d-yvLF0qmEkq3OAKJWOUFI2ipurbxHCrfdoaC18XfICmZF9m-5NDXX-oaHgyvfCFdKu1QHVx4kmO1rk_gbNZ25BnoBUi8-vmjLzOckXv3rcmTTTOZLFtDk5CVqiEOxOweTgtPi7l8dvMP6OOhAo96C2Qf-ln6vuJcqmm8s2cqeeNXD2OfvVyAssC8Myk1PU0G6S_OIVD2yC9kMLdmENgZ8BqkKGAUqZ8sIFz34-BuqPC8vyU_QzdVU5Y8wdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PKN3abMEa4QKyJ7qjC4Glamx9gQ%26client%3Dca-pub-6572552607348631%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:46 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame D9E9 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:46 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame D9E9 308 B
636 B 14ms
12ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Mon, 17 Apr 2023 08:32:46 GMT

GET
H2 200 back_button.svg
static.criteo.net/flash/icon/ Frame D9E9 507 B
835 B 15ms
14ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
last-modified: Thu, 01 Apr 2021 14:03:13 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "6065d2a1-1fb"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 507
expires: Mon, 17 Apr 2023 08:32:46 GMT

GET
H2 200 m
secure-gl.imrworldwide.com/cgi-bin/ Frame D9E9 0
688 B 115ms
114ms Image
text/plain 2600:9000:224a:5000:1e:a43d:b640:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-gl.imrworldwide.com/cgi-bin/m?ca=nlsn184820&cr=crtve&ce=criteo&pc=criteo_plc0001&ci=nlsnci162&am=3&at=view&rt=banner&st=image&r=1650616365
Requested by: Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=YmJoLgADOdsK7eCLAAI9-rI20CZFMhEmn8BBDQ&u=%7CSKK4pMk5ZVpgIsgaOfstE4p7R55QABbqp1sdULH9%2FUI%3D%7C&c1=JrbohDAzizBCiLKN5O6jHUI-6dJ9lV_AM8iEE4GHx4XAZ8-c9e5LlJfMjehYPJbM0j2hknANCpOtYk8A6_xGUIsqRqxN4CBxsEbVnYfgd0fMK47SxQE1alVzB4J2G-G9papqZ0DrC31xMRbH_yVNlYADAcOeqrN28QPSfyZ0FiQrpv4ZFKo4UTcqQ54J4HljiafkMPi5y5xgtBawUg7DsOZAlWBFl2Z8s14b6nRafc8ME81LGrgsgsLaVXBF7fuYaxwKqf0VIljalZJD7syoi4rlHB8mCqSFoUU1OC9cfryx-rmeuB-0hgO7NMAFw-kDWEXbmAtcJo3yD-YFyOpQu0tzE6dCpxNO1v2imcgrzWvFWs_NnDAwEKzlN9wlaE1okXDwvire3BRpg_UsOJOoU22M7GRlrFD52b22E5-jZiORgTbLiBSQKiwehW5DDJxGrXjELyS1psvApiR7ZSb284zBzEMJHKTT&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCWBJwLmhiYtvzDIvBtwf6-4j4A8me0rFcvY6X93DAjbcBEAEgAGCVgoCArAeCARdjYS1wdWItNjU3MjU1MjYwNzM0ODYzMaAB1bbS6gPIAQmpAqTct8AIL7I-qAMBqgTjAU_QeBF_pntG3FOETyLwU3o-iA8LzfQ2IftK_QdSkfkQxaBdqO4c3d-yvLF0qmEkq3OAKJWOUFI2ipurbxHCrfdoaC18XfICmZF9m-5NDXX-oaHgyvfCFdKu1QHVx4kmO1rk_gbNZ25BnoBUi8-vmjLzOckXv3rcmTTTOZLFtDk5CVqiEOxOweTgtPi7l8dvMP6OOhAo96C2Qf-ln6vuJcqmm8s2cqeeNXD2OfvVyAssC8Myk1PU0G6S_OIVD2yC9kMLdmENgZ8BqkKGAUqZ8sIFz34-BuqPC8vyU_QzdVU5Y8wdgAbUoIrLpJuoo2ygBiGoB4qYsQKoB6a-G6gHltgbqAeqm7ECqAffn7EC2AcA0ggHCIDhgBAQAfoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2PKN3abMEa4QKyJ7qjC4Glamx9gQ%26client%3Dca-pub-6572552607348631%26adurl%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:224a:5000:1e:a43d:b640:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:46 GMT
via: 1.1 eca56eada7885f8195ee4db13cd72cc2.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: DUS51-P1
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-gl.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
x-cache: Miss from cloudfront
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
content-length: 0
x-amz-cf-id: NnQdJjiCeoEL8ZWLOF7f_EvYgrQtt3xbSyUAG1amItM6NMNAG7_BwA==
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 lg.php
cat.nl.eu.criteo.com/delivery/ Frame D9E9 43 B
347 B 15ms
14ms Image
image/gif 178.250.2.148
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl.eu.criteo.com/delivery/lg.php?cppv=3&cpp=W_wHw_EQXosB4o_DSZQa_qdMyZ5QTIUeHgj_PmS1I91O5fq2TIjqHQVrSoF8W5F9JUAIwM82y_5D-PWBt6yqzEBLnnFTkcQKMKmHhG5dPyYFktKh7TG-eXRMmqS905sbrsf_jDpr3Hou6ia7q7AbooICyucR5b-fq6BHCB2uAlQcUfO6Zb_qfmX9UXKn3ZQP6QY9sf_sWASxy5PLl4zozX5Q0AN6GPPtToMZY5-GmwjOuQfa2Ut20ngvxczpTJKOeWUAEG45oXzjgGt1MjKKU-204xy5prrf7kegYBPzihEv9ewke7iyJg-pw_g-G3PlYGpilaTrXKM4ucefQAhGOw0AUAlqJEfL42nR-Qc38owyAmuWTVgG7DqNTIgHCw8pRDKwkoaLEDBr5KXZILyJVBsQNRQlvF1SYC_rkMIL15OpLtrrAORpcIPI69sXw38VKl48NQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.148 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:45 GMT
server: Kestrel
strict-transport-security: max-age=31536000; preload;
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1815572
content-type: image/gif
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame D9E9 12 KB
6 KB 19ms
17ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D9E9 7 KB
7 KB 15ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?h=244&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fstatic.nl.eu.criteo.net%2Fdesign%2Fdt%2F2861%2F190124%2F79f2c646e3f74b54931cff1f39d769d0_blue.png&v=3&w=196&s=OSVWZlqsAEjHj4o1uxJfPYMJ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=29123971
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 6722
expires: Sat, 25 Mar 2023 10:32:18 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D9E9 400 B
657 B 15ms
14ms Image
image/png 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FD%2FlogoDB_Mobility_Logistics_AG_60544DE.gif%3Feb%3D1&v=3&w=400&s=qejL_9Irgvb-0KwTC4SpoEgt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/png
cache-control: public, max-age=0
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 400
expires: Fri, 22 Apr 2022 08:32:46 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D9E9 1 KB
1 KB 15ms
14ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2FW%2FlogoWurth-IT-GmbH-186264DE.gif%3Feb%3D1&v=3&w=400&s=z9I1InW_lGXZl09mFNLeheib&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

90d3f9c048cd584f0e746b158cd90e23889b6c782d444f694d74d0d2cf3bf6d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:45 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=796946
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1228
expires: Sun, 01 May 2022 13:55:13 GMT

GET
H2 200 img
pix.eu.criteo.net/img/ Frame D9E9 2 KB
2 KB 23ms
22ms Image
image/webp 178.250.2.135
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pix.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=2861&q=80&r=0&u=http%3A%2F%2Fwww.stepstone.de%2Fupload_DE%2Flogo%2F6%2FlogoBosch-Gruppe-2804DE-1909091413.gif%3Feb%3D1&v=3&w=400&s=mpSaavc37cTAcDERDSmhZdBJ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.135 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

pix.am5.vip.prod.criteo.com

Software

Finatra /

Resource Hash

490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Finatra
vary: Origin
content-type: image/webp
cache-control: public, max-age=1887329
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
timing-allow-origin: *
content-length: 1584
expires: Sat, 14 May 2022 04:48:16 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D9E9 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=h3Qidwm1FaZhmBKap7UdcUdoc4tz9USXblMRqSuDeqtwkCFO2zJCB9VmZ61bvRkoGGtCjGHcZ6JfyW3nK3ry9GqGyCNbmmB4DD-36WOAkc96jTPBViijRU3K6CRrR2nDDxPD8-2UWq3MgdKtaceFmKcnYCFILLbp5nQw2HStdc_unYgakeGl1KJt_sSBPmCvHRZB-lBrLM7TSu3Gs_hhtvtEWFFsPry2MYhMe1T2Eo51VNt4Nv4SZTW3UMlbjDEFJatqnQ&sds=2&rev=81237&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 22 Apr 2022 08:32:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame D9E9 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:46 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame D9E9 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

date: Fri, 22 Apr 2022 08:32:46 GMT
content-encoding: gzip
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
strict-transport-security: max-age=31536000; preload;
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Mon, 17 Apr 2023 08:32:46 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 07D0 0
127 B 13ms
12ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 22 Apr 2022 08:32:46 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 65ms
65ms Image
text/html 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20220420&jk=523428748272482&bg=!sLOls_fNAAYXWUUuN1k7ACkAdvg8WsVbSprxlil93TAVxpQYay7Im_6bvbRwPSYbqog5BkSxXo4f0QIAAABWUgAAAAJoAQeZAqBEaeYVgeVSqPZFBiwesBOKw5WJrE9DHbogvsVgPs1h9d1IAODeGa3Fk_kq8wLpS83ltghI9Z5W3ksZnuY8uUewB5Hkv07IJH2FWkUAK-oiot-1U19hGNZtLovjTuzw52hPogIkHPOgrqicE3yDpWHS-nBgr3XhKQj5q1805_8IcCPvBPt014MKlaoTXmnLvTdr2sgp9oV-WolVPHagL8yYpuKTzVy4UWFcwMrlQxzFIX1A4KB11q_X2tl0LhE1IFtxSWMDmLgC9j7nj5tT6XyUovdWiky6iUjyYv1VUVMW7bThC89A0dt3eS-GefoK2rpE0YBK8oCF6hvG8gfJeDZFSafgFTdLuv3JOijstk2UeIQ_k0aEL4YhxpvWhPQNY1VSt5brZ48vl502twzshUas4mNOnrTERJEVvPAe7cF9u4NqGrI3U0ebid9iZB6kxidtHthspmfjaX-kNE00AovfM0wf7IsVZvPzZCavJ1v42Qm-deWr-evNimhi_00bUJsmyitahjLtrzPzWCMH0SFtvDCNsFBnqQL5lMEbxa9APmPjEkIjGf7tLl_-Lv3iIFmULFRvCwzHYkYrv1Dbt_gg7cZfY4bT0cVfJvMWMMEzaOv5U7xsh3Qtj9NdBrbdq6wFZ1H3Dkvc0goJQ1Ur3SFJfw04tgX6jUB6TwbHqpq-Kc0RIW3HcG4cWPIkmTF6B4zPr3cKgWK6Apw2w9Gu3IKQx5kGWILf_YXC5KnZt5Bo5QHLr7BiwzU2QWfQGnGnTSOmAkImgFDwLmRqzmo8mF6-duolqh4zmFbDrT4lLLwg2LK3iK557cIvQXygvr5h0gMKuyPw4iosbA0kUmA2Ubv3w0KaM6ggkacs9Za0MikEDVoFUS6G11wB3hIrOBodGjY
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.projecthoneypot.org/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 4B82 42 B
64 B 48ms
48ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsst_nktBSJ7V_4Gp2OA3tmY-91_w2hF46NtT_aDSmcziqXfDxAfrY1v5O9bUjDJw1W4NK7gRMaOIS_6APvsCVNf&sig=Cg0ArKJSzLKbFSwAnvjREAE&cid=CAASF-RoaPlEtYrrkwFzkWmEuBxXEoeJdjrn&id=lidar2&mcvt=1000&p=0,0,124,1005&mtos=83,768,1000,1115,1249&tos=83,685,232,115,134&v=20220420&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0%3D&vs=4&r=v&rst=1650616366434&rpt=147&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 22 Apr 2022 08:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame D9E9 0
127 B 13ms
13ms Ping
text/plain 178.250.2.150
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.150 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.75 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Fri, 22 Apr 2022 08:32:47 GMT
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0
strict-transport-security: max-age=31536000; preload;

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: googlecm.hit.gemius.pl
URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELhiDelQoCIAQ0kl3hm5EHA&google_cver=1&google_push=AYg5qPKZn1q5IhzXpbt8uyymM0C3krXl2KoeYNnOJZ_8kai7EITbhM-SaoR2l1NwvykeMNXgDpiWbZqaeN8-HRV99q2vvJWWt9Fa

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.projecthoneypot.org/	1969-12-31 23:59:59	Name: vid Value: v5qffdages856j3c01qsn4k5j7
.projecthoneypot.org/	1970-01-20 20:01:28	Name: __utma Value: 28036733.795867579.1650616365.1650616365.1650616365.1
.projecthoneypot.org/	1969-12-31 23:59:59	Name: __utmc Value: 28036733
.projecthoneypot.org/	1970-01-20 06:53:04	Name: __utmz Value: 28036733.1650616365.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.projecthoneypot.org/	1970-01-20 02:30:16	Name: __utmt Value: 1
.projecthoneypot.org/	1970-01-20 02:30:18	Name: __utmb Value: 28036733.1.10.1650616365
.projecthoneypot.org/	1970-01-20 11:51:52	Name: __gads Value: ID=0e4b0ba1b48954fd-225bacbb7ccd00b1:T=1650616364:RT=1650616364:S=ALNI_MadvILLzLSbv8owJZyaF5LSh2JIRQ
.doubleclick.net/	1970-01-20 11:51:52	Name: IDE Value: AHWqTUkKrRaso6gbD1mrF_vde7lq8qSknaa--w-eqnLzk9n9EghRJeH7O8hJ2-XR8ys
.quantserve.com/	1970-01-20 04:39:52	Name: d Value: EEYBCQH7JYEA
.quantserve.com/	1970-01-20 12:00:30	Name: mc Value: 6262682e-8267c-7835d-9cd12
.innovid.com/	1970-01-20 04:39:52	Name: uuid Value: 10ef172c-0132-41c7-9628-744cbf1fb52a-20220422 04:32:46
.e.dlx.addthis.com/	1970-01-20 12:00:30	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:00:30	Name: na_id Value: 2022042208324600022661677212
.addthis.com/	1970-01-20 12:00:30	Name: na_tc Value: Y
.addthis.com/	1970-01-20 12:00:30	Name: uid Value: 6262682e0d60ce4a
.addthis.com/	1970-01-20 12:00:30	Name: ouid Value: 6262682e00012e23ac2bf6097f385c232253b05eccb4d2d01aab
.dlx.addthis.com/	1970-01-20 03:13:28	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 03:13:28	Name: na_sr Value: 20220422
.dlx.addthis.com/	1970-01-20 02:30:16	Name: na_srp Value: 3614
.dlx.addthis.com/	1970-01-20 03:13:28	Name: na_sc_e Value: 0

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050(Line 161) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://www.projecthoneypot.org/ip_e4f1def7f06f5e8ea9c95602fa813050(Line 161) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://ssl.google-analytics.com/ga.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network	error	URL: https://googlecm.hit.gemius.pl/googleredir?rid=tknhntsqez&id=ndBK6L_fzwx7rssCbe8.iLes3yi8eMbF6r2JE6Xu.b7.N7&google_gid=CAESELhiDelQoCIAQ0kl3hm5EHA&google_cver=1&google_push=AYg5qPKZn1q5IhzXpbt8uyymM0C3krXl2KoeYNnOJZ_8kai7EITbhM-SaoR2l1NwvykeMNXgDpiWbZqaeN8-HRV99q2vvJWWt9Fa Message: Failed to load resource: net::ERR_ADDRESS_UNREACHABLE

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
ag.innovid.com
cat.nl.eu.criteo.com
cm.g.doubleclick.net
cms.quantserve.com
csm.eu.criteo.net
e.dlx.addthis.com
googleads.g.doubleclick.net
googlecm.hit.gemius.pl
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pix.eu.criteo.net
pixel.everesttech.net
rtb.fr.eu.criteo.com
rtb.nl.eu.criteo.com
secure-gl.imrworldwide.com
ssl.google-analytics.com
static.criteo.net
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.projecthoneypot.org
googlecm.hit.gemius.pl
142.250.185.130
142.250.186.130
178.250.2.135
178.250.2.148
178.250.2.150
209.124.55.40
2600:9000:224a:5000:1e:a43d:b640:93a1
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1450:4001:801::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:827::2001
2a00:1450:4001:82f::2004
2a00:1450:4001:831::2002
2a02:2638:1::2
2a02:2638:1::3
2a02:2638:1::4
2a02:2638::2
2a05:d01c:1d8:8100:8701:aae2:1118:ca9
34.98.67.61
52.18.148.209
69.192.160.219
01e728c61a276c2d70e77d6e4370d54e8ea119f55beb0610bb8a576af10fc207
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1b09f22c8f31c6984f19fdc1ca31be9915b8c251236891269004a5502ba1cb34
3341770c9230631306c6ec83255abe7c82a3145235f1c4beeeb247b6aa48615a
340b20f9ff6d073c2fea911631d8a6e13af185d983cbe842ddca27df91d0f295
34e8c6c1e16589b39cc1116fcdb4fb07c894c31b988605a84930e115496e698f
34f4e0ba3a52886710c0360d3f8f35352b6c0a73c7181f690c135b1d24eaa8f0
36ea8030974e462c5f768759d5fd3ea7b5cf501e21144d2a006fc2549a2393a7
3769f5b84f2f3c8e4da085a3a576ecb6212ccfdf72ec3b9c3501dcecc0a339ee
39a8609002305d7127558b52c7b84b45276a3432b50edd08b89316e7fcfe4a76
39eb71c9628e5cb1bd500fa1525c7e3a0caecc403dc140c4aeed591eef18d652
42c9e4f9d8c14ea0ecac49e147f029a6bb58b69e544bd63667e5b0e64169f631
43685ceb42651d0bd22a26d8d7dbf397a41843cfa9c2b59d9de8ce054afa7d3b
490319aff00a55cfc00d9e24f71f39fc0801858055c62c07bec8fabf2f6e24ff
4a29964e922a0ddad04e2feb2b4496f1019838b0cd9754da5bc95f6e20a14e98
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5215a77c8430f33b51ca49a1452dd6cb1855916e9c13cdd7942b6618463febe8
53e4b9796d810585a22f72334ee3902b7b3833d82b408f1395e3171ced15fc22
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6808c7f1192e091f9e9b4e15e28fa2a8904117ba54c11e51fc8eb9d179733e1c
751f62e75bc3060e83ecb1fb242b1ab6f7a76a2ca6fb6ab8a9e5e276476f05aa
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
8f9a7962cf58f27b89c0627d094ee1b631ec118675f9eae1dc06031353360422
90d3f9c048cd584f0e746b158cd90e23889b6c782d444f694d74d0d2cf3bf6d4
925356215a811f817a5be0a452e7ec5ea06807fde1f555aec8c09088459903a4
96962e4866c7f248570605ed4f6bb9422127da0993447ae20793b197fd620a88
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6c11502463f3445d37d3184cef1016bb3c77dbc12b88636788632bfe5e87b98
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a7599f277cabb2c2183be5bc58800d445d077301030195cb0787774752932aac
ac03615b7683528c4a36b427b1c4b0dcdd3578fb9caa7b732a96079a5cbb2dd2
b093e979413460dd831afc81d64faa096b9a005e4cdf0d2b155a0ddcd9ad9f1d
b0d528a2f6cc81b5177bcc76fc93fe770407f08687826f1ebf77be88db6cd7d7
b1c0f33bd9ab974666deb7dd98c92cc3f1aef1c3950ea474cfa2c234021216e9
bfcd7a262745ac2a8520d46dbe261c5db424c001970e9ebe83c440bfb48454f7
c9ab9641c7584d903d671ca719aa35b4a47c6b8c592a0a4d2c0422e4baa72418
cf9e27234b92c3288c7188fc10f14e8089075e4fe1193497fce511cf63c4b213
e02ee8d1a4a2d42f2492ed21cc0fad3c21db4e18ea6695ab32abf8541f6b7d0b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
edf68bca77c1574b585c5d63278fde9e26c58f1c5d39d3fd5ad68c2cfde47ffb
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2e3293c1558e5b49e30e1e094cfc3412ec386a68067aee04a92fc913f2c2ce
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
ff25eb91fba3cc29f49813fb430d9ef4cf500ced505a9eb300cdd05c015b8b1e

www.projecthoneypot.org Open in urlscan Pro 209.124.55.40 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

89 Requests

97 %HTTPS

61 %IPv6

17 Domains

25 Subdomains

22 IPs

5 Countries

614 kBTransfer

1628 kBSize

20 Cookies

7 Outgoing links

Page URL History

Redirected requests

89 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.projecthoneypot.org Open in urlscan Pro
209.124.55.40 Public Scan

Screenshot
Live screenshot

Full Image

89
Requests

97 %
HTTPS

61 %
IPv6

17
Domains

25
Subdomains

22
IPs

5
Countries

614 kB
Transfer

1628 kB
Size

20
Cookies

89 HTTP transactions
2 data transactions