s0c4abend.blogspot.com Open in urlscan Pro
2a00:1450:4001:809::2001 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://s0c4abend.blogspot.com/
Submission: On May 21 via api (May 21st 2023, 12:35:29 am UTC) from US — Scanned from DE

Summary HTTP 98 Redirects Links 45 Behaviour Indicators

Summary

This website contacted 23 IPs in 4 countries across 15 domains to perform 98 HTTP transactions. The main IP is 2a00:1450:4001:809::2001, located in Frankfurt am Main, Germany and belongs to GOOGLE, US. The main domain is s0c4abend.blogspot.com.

This is the only time s0c4abend.blogspot.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:801::2009	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
10	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:831::2001	15169 (GOOGLE) (GOOGLE)
2	52.94.216.147 52.94.216.147	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
4 4	18.66.122.97 18.66.122.97	16509 (AMAZON-02) (AMAZON-02)
4	18.66.122.127 18.66.122.127	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:249... 2600:9000:2491:8a00:1d:d7f6:39d2:2dc1	16509 (AMAZON-02) (AMAZON-02)
2	52.94.216.221 52.94.216.221	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:80b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a02:2638:d::c 2a02:2638:d::c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	2a02:2638:3::12 2a02:2638:3::12	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
16	2a02:2638:3::3 2a02:2638:3::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.1.6 178.250.1.6	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
14	2a02:2638:d::13 2a02:2638:d::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
3	2a02:2638:d::11 2a02:2638:d::11	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
98	23

2 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0c4abend.blogspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:801::2009 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.blogger.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
resources.blogblog.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2001 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

themes.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.216.147 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

ws-in.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.122.97 (United States) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-97.fra60.r.cloudfront.net

wms-in.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.66.122.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-122-127.fra60.r.cloudfront.net

wms-in.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2491:8a00:1d:d7f6:39d2:2dc1 (United States)

ASN16509 (AMAZON-02, US)

m.media-amazon.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.94.216.221 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

fls-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:d::c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

rtb.fr3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:3::12 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

ads.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.1.6 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

cat.nl3.eu.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:2638:d::13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

imageproxy.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638:d::11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

csm.eu.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	criteo.net static.criteo.net — Cisco Umbrella Rank: 639 imageproxy.eu.criteo.net — Cisco Umbrella Rank: 9070 csm.eu.criteo.net — Cisco Umbrella Rank: 8905	207 KB
17	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 93 tpc.googlesyndication.com — Cisco Umbrella Rank: 132	260 KB
12	amazon-adsystem.com 4 redirects ws-in.amazon-adsystem.com — Cisco Umbrella Rank: 459088 wms-in.amazon-adsystem.com fls-eu.amazon-adsystem.com — Cisco Umbrella Rank: 42069	43 KB
7	google.com apis.google.com — Cisco Umbrella Rank: 109 adservice.google.com — Cisco Umbrella Rank: 68 www.google.com — Cisco Umbrella Rank: 2	149 KB
6	criteo.com rtb.fr3.eu.criteo.com — Cisco Umbrella Rank: 16347 ads.eu.criteo.com — Cisco Umbrella Rank: 8856 cat.nl3.eu.criteo.com — Cisco Umbrella Rank: 10084	113 KB
6	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 34	28 KB
6	blogger.com www.blogger.com — Cisco Umbrella Rank: 9258	99 KB
4	blogblog.com resources.blogblog.com — Cisco Umbrella Rank: 17411	2 KB
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 181	106 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 9037	696 B
2	media-amazon.com m.media-amazon.com — Cisco Umbrella Rank: 513	7 KB
2	googleusercontent.com 1 redirects themes.googleusercontent.com — Cisco Umbrella Rank: 11862	101 KB
2	blogspot.com s0c4abend.blogspot.com	20 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 199	5 KB
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 902	605 B
98	15

	Domain	Requested by
16	static.criteo.net	ads.eu.criteo.com cdnjs.cloudflare.com static.criteo.net
14	imageproxy.eu.criteo.net	ads.eu.criteo.com
10	pagead2.googlesyndication.com	s0c4abend.blogspot.com pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
8	wms-in.amazon-adsystem.com	4 redirects ws-in.amazon-adsystem.com
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
6	www.blogger.com	s0c4abend.blogspot.com www.blogger.com apis.google.com
4	resources.blogblog.com	s0c4abend.blogspot.com www.blogger.com
4	apis.google.com	s0c4abend.blogspot.com apis.google.com www.blogger.com
3	csm.eu.criteo.net	ads.eu.criteo.com
2	cat.nl3.eu.criteo.com	ads.eu.criteo.com
2	ads.eu.criteo.com	googleads.g.doubleclick.net
2	rtb.fr3.eu.criteo.com	googleads.g.doubleclick.net
2	www.googletagservices.com	googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	fls-eu.amazon-adsystem.com	ws-in.amazon-adsystem.com
2	m.media-amazon.com	ws-in.amazon-adsystem.com
2	ws-in.amazon-adsystem.com	s0c4abend.blogspot.com
2	themes.googleusercontent.com	1 redirects s0c4abend.blogspot.com
2	s0c4abend.blogspot.com	s0c4abend.blogspot.com
1	www.google.com	tpc.googlesyndication.com
1	cdnjs.cloudflare.com	ads.eu.criteo.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
98	24

This site contains links to these domains. Also see Links.

Domain
www.blogger.com

Subject Issuer	Validity	Valid
*.blogger.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.apis.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
images-na.ssl-images-amazon.com DigiCert Global CA G2	`2022-10-26` - `2023-10-14`	a year	crt.sh
*.googleadservices.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.fr3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-22` - `2023-06-25`	3 months	crt.sh
*.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-13` - `2023-08-10`	3 months	crt.sh
*.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-24` - `2023-06-18`	3 months	crt.sh
*.nl3.eu.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-05-18` - `2023-08-18`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.eu.criteo.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-03-26` - `2023-06-29`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh

This page contains 12 frames:

Primary Page: http://s0c4abend.blogspot.com/
Frame ID: 1F85C5DAA8B150A2AEAA43FF896CC3DD
Requests: 25 HTTP requests in this frame

Frame: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=130af03ca86edc1eaa9e8040c677cbad&show_border=true&link_opens_in_new_window=true
Frame ID: 095C78C8CFFD03F3B16D5A3FCC183B60
Requests: 5 HTTP requests in this frame

Frame: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=thajanassocia-21&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=23d8d0fceb8e6498b220bb4561213afc&show_border=true&link_opens_in_new_window=true
Frame ID: 4DFB0B1D5831137461C58003FAC69190
Requests: 5 HTTP requests in this frame

Frame: https://www.blogger.com/navbar.g?targetBlogID=7919630485551574124&blogName=REXX!!+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://s0c4abend.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://s0c4abend.blogspot.com/&vt=1258395610665202509&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__
Frame ID: BFDB0F6B4AE8200FB4D91AE61DB09088
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html
Frame ID: 33CEFE7231164464A60C2222BB8BBD7A
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=250&slotname=7815341340&adk=1836024212&adf=562605490&pi=t.ma~as.7815341340&w=250&lmt=1683991264&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&dt=1684629323635&bpp=40&bdt=99&idt=190&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=8233539887882&frm=20&pv=2&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7Cpe%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=OOPzDYrimB&p=http%3A//s0c4abend.blogspot.com&dtd=205
Frame ID: FCF98541C29A304875E0855CC5322287
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=600&slotname=2011037240&adk=2603624924&adf=3900128652&pi=t.ma~as.2011037240&w=265&fwrn=4&fwrnh=100&lmt=1683991264&rafmt=1&format=265x600&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1684629323749&bpp=3&bdt=213&idt=111&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=7815341340&correlator=8233539887882&pv_h_ch=L0001&frm=20&pv=1&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=4604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZLb8TLvVbb&p=http%3A//s0c4abend.blogspot.com&dtd=115
Frame ID: 7859928D31526BFEFCFA8BAC0435D5C5
Requests: 7 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGlnSwANDckK4AjHAAFu7XtU_DAb7d89HaLWDQ&u=%7CfpBpTCFyGHFDNT7QeJAz9wR36OXHHNwFQXxYgpjzoaU%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6u_XxH4jvtuu6J257JZOZu5CLG8O0goBcu1Nu5usrgja0-HpSxHHqCzCmZxDaNUulMIoWvV8ceql_rKaDZ8thMCSEWXJZ9uaYtlokThJ0hxmUyiv3WkzDXJ68aNZSytmD2l00gfzq_8YiZsrVhQ1KC9fwR_51x7haeVTk-v_wYGYU0b1azrBPGbGmrQqnzyh42zhUkaYyW0tJfEgWl3OfGgNlf7DAbhTVMN-oxLVpDKxsu8WzCW4snH1HQV5KD9akjUXTgipUzJhLa8MKqZ_CbILKIn5LloDwFYlhZSPEa7X5JGSvizcscZHn_CEt59PuVrEmOSdaVAzaR1NrQLPJLTX-iJo-WnvTAFNAqMqLm9Y95NeeDLBMCpdOAnu6prSbxabyMFLUawdeu7Dj5MQWWLvGeqI0XMz4_h5BvYMB1Yf-xl5XSRFKXhs3tKCYyDYIOijQn4U6KHEenRaxyQ1A3gsZynIuzrKYiEyHl0JUejtr2YuEhwXvZc4058qZnUVyT99pXpbsTGGWl6kutu2hVELUDKKzX0oBzToKlEb3uOZfMHYz9UNteQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkGBS2dpZMmbNMeRgAft3YXYB8me0rFc1Z2R93DAjbcBEAEgAGCVqp-CsAeCARdjYS1wdWItNTMzOTE3ODQ0NjgyNzU1NMgBCakCkmz4C7Mgsj6oAwHIAwKqBP8BT9DI9HkacFGx2TFvVXHon6YOmG--G9KUyuw7NgF0VM3xWZdnwL2AvS9jPFkbiyCwgrv9jZEs2aANwUhqN9H3PyXXvDaDRMzPAVM9qC_NE1GbXxo7ZC0do756Gqvm04Z9gI3IHeoG61_NfPs_u27Pl1cBjme68LM-PAojScjNByXOJ567yhLUMRh1AUnuQfXon9vSfrai6TeUKmqedKKCUmYPYbCe-t0-Yf_8n2wCi1bcYWXIaLZEfE262tGYYKbFS1FLZd77gRn5e_FHgS3niiDqfIjiTKkEmz8tckKc9fLFblQeU7zOwN245dZgo-gBxMo7LCf8JsaMKs2Szh8GgAa10N7TqYiLt9ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0NKHyeoHJeYtXohvXBugM8bgqGCw%26client%3Dca-pub-5339178446827554%26adurl%3D
Frame ID: 54667961830B84E81E9AA4E7DBDB0191
Requests: 18 HTTP requests in this frame

Frame: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGlnSwANaiQK3pIIAAjZg6e3s5YO0nbACrlafw&u=%7CfpBpTCFyGHHSzKDPkBxsf5E5zcdyi1u0o4w0lxJ2UWM%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRT_OX65cdoqVx7bzVNKabd9-gH2vBtkj6UH0I7xqoZvGN6JOij2aDtdG9G0i4ud3t8QSk2n3inAG9oxm7cN9nEn1oy4eGep1FYCoJh838O3U84iMqkwRQd7QarZSt_MVleJdVyuj7Nst1ALcUDNcNpU8rK2NSyAMiKXBsKbbVs_eM0hybt9qRSZIGC4DjGU191uF5ASWYVpfyrDB5lPtNpg94XrJ7RPLMm0kxIdz2GF_gGdfD99Dxm3GgXBvvqFJQxKzgeE8E_v5aINK2outU4ZUEr3cRyN9NRSwB8jw8Sg1rQini_n3gTh_fPXWPDhKmcINrSDIus1m_RE30sQpO658hEJNQx_OKsg7aUJJzpRFijZWw6gPugETFN8B8tAT2Qc0VEzqCTR6BMWGaQnyTzcz8WZ58aTrLiyq218tG1tUh-0jSLQmex9G3DFwJLIz2rZAtgcgtO1U7g1Ih2XakSLALIWNZvqhCqYXPn3petNJo44xFc16-d_8H6Fpw3SgGB7dIlPwkO8h_9MeFGxjF-5wJEFyga2oT2EkF-dcboJ4k1mesnAuSuM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUlqjS2dpZKTUNYik-gaDs6OAD8me0rFczeGS93DAjbcBEAEgAGCVqp-CsAeCARdjYS1wdWItNTMzOTE3ODQ0NjgyNzU1NMgBCakCkmz4C7Mgsj6oAwGqBIUCT9C8EAP4W2oRqbss8B0o35i6QZBdWco2Fei-iidyDvAWPXdRE2E7ZBF_eITuGMuzwhw8z-_jbsgN9y0pvVLdBNeVoem4rHwB2Rso5saGnBhFGauVUUuI9og4eQluFbbEgxB60aghuNLMX_ykIVRhrmHVpJYbCBSfnilRtMU5uC0vR846FgKKjZH6_FMQ1hBUtCVVSn0UTtF9AMUBCNIFC-QRGW3JYAXTF6lfzKW5a8Zl_OnapxilyvUApPHXncq1RyLV5re0f0wVgWVJo5dMH0XHsYTDGbImB4wyLSXvrvlfod-l1BblGp-_bU69_U6UNAClW2SU7tdk7unoAOwZH3RejPD2gAbO2cLMkuLkt_oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2t5wI18DXXPeOCe40NDhac1X_-Sg%26client%3Dca-pub-5339178446827554%26adurl%3D
Frame ID: 0BAD65680800AC9BAC7EECEF3AB548F2
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&adk=1812271804&adf=3025194257&lmt=1683991264&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&dt=1684629324341&bpp=2&bdt=805&idt=2&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=265x600&prev_slotnames=7815341340&nras=1&correlator=8233539887882&pv_h_ch=L0001&frm=20&pv=1&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&psts=ABHeCvjKV6qhUAe2OmrhWMWP13Mz8ZpeHkr-gbIhzb-Z_1tShxWueCDSlUIgumMyoZwiXzRwTqAGiT-29Ynj%2CABHeCviuc2ZzrtzeSeHrircaUqLQn82jNl2XK2FiVir9XYOZT1TzJaeD2Dg1V4jvkflWqQAszAsiFk7zINhE&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=7&uci=a!7&fsb=1&dtd=17
Frame ID: DD2BE196E02A5365C6B548522DA0D492
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 05455CF8FFA6D46789770F1928738F4A
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1E376CFB20188779DE86554FC5D39A3B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

REXX!!

Detected technologies

Blogger (Blogs) Expand

Overall confidence: 100%
Detected patterns

^https?://[^/]+\.(?:blogspot|blogger)\.com

Google Sign-in (Social logins) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/platform\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/pagead/show_ads\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Plus (Widgets) Expand

Overall confidence: 100%
Detected patterns

apis\.google\.com/js/[a-z]*\.js

Page Statistics

98
Requests

86 %
HTTPS

78 %
IPv6

15
Domains

24
Subdomains

23
IPs

4
Countries

1137 kB
Transfer

2636 kB
Size

1
Cookies

45 Outgoing links

These are links going to different origins than the main page.

URL: https://www.blogger.com/post-edit.g?blogID=7919630485551574124&postID=7766130832755783791&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7766130832755783791&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7766130832755783791&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7766130832755783791&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7766130832755783791&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7766130832755783791&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=7919630485551574124&postID=3307700573125352037&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=3307700573125352037&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=3307700573125352037&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=3307700573125352037&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=3307700573125352037&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=3307700573125352037&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=7919630485551574124&postID=1418646709818679977&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=1418646709818679977&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=1418646709818679977&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=1418646709818679977&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=1418646709818679977&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=1418646709818679977&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=7919630485551574124&postID=4170833554116595916&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=4170833554116595916&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=4170833554116595916&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=4170833554116595916&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=4170833554116595916&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=4170833554116595916&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=7919630485551574124&postID=6621534290648108667&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=6621534290648108667&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=6621534290648108667&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=6621534290648108667&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=6621534290648108667&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=6621534290648108667&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=7919630485551574124&postID=7035201247763813793&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7035201247763813793&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7035201247763813793&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7035201247763813793&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7035201247763813793&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=7035201247763813793&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/post-edit.g?blogID=7919630485551574124&postID=2615397434264094345&from=pencil

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=2615397434264094345&target=email
Title: Email This

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=2615397434264094345&target=blog
Title: BlogThis!

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=2615397434264094345&target=twitter
Title: Share to Twitter

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=2615397434264094345&target=facebook
Title: Share to Facebook

Search URL Search Domain Scan URL

URL: https://www.blogger.com/share-post.g?blogID=7919630485551574124&postID=2615397434264094345&target=pinterest
Title: Share to Pinterest

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/report-abuse
Title: Report Abuse

Search URL Search Domain Scan URL

URL: https://www.blogger.com/
Title: Blogger

Search URL Search Domain Scan URL

URL: https://www.blogger.com/go/blogspot-cookies
Title: Weitere Informationen

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

http://themes.googleusercontent.com/image?id=1iJBX-a-hBX2tKaDdERpElPUmvb4r5MDX9lEx06AA-UtZIQCYziZg3PFbmOyt-g2sH8Jo&options=w1600 HTTP 301
https://themes.googleusercontent.com/image?id=1iJBX-a-hBX2tKaDdERpElPUmvb4r5MDX9lEx06AA-UtZIQCYziZg3PFbmOyt-g2sH8Jo&options=w1600

Request Chain 19

http://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png HTTP 301
https://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png

Request Chain 21

http://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png HTTP 301
https://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png

Request Chain 29

http://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif HTTP 301
https://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif

Request Chain 30

http://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif HTTP 301
https://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif

98 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
s0c4abend.blogspot.com/ 98 KB
17 KB 423ms
376ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://s0c4abend.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b7c11acd83abe3c698e2377ad07a4cfa7bc4c1181855a6655f022eaa0d573935

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, max-age=0
Content-Encoding: gzip
Content-Length: 17178
Content-Type: text/html; charset=UTF-8
Date: Sun, 21 May 2023 00:35:23 GMT
ETag: W/"f29328911c1d09b014b496a959831f3b52e574d25b59ddecfaba4ee3d4d4e6fd"
Expires: Sun, 21 May 2023 00:35:23 GMT
Last-Modified: Sat, 13 May 2023 15:21:04 GMT
Server: GSE
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block

GET
H2 200 3566091532-css_bundle_v2.css
www.blogger.com/static/v1/widgets/ 35 KB
36 KB 59ms
9ms Stylesheet
text/css 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:16:38 GMT
x-content-type-options: nosniff
age: 65925
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35960
x-xss-protection: 0
last-modified: Fri, 19 May 2023 21:54:38 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 19 May 2024 06:16:38 GMT

GET
H2 200 platform.js Show response
apis.google.com/js/ 54 KB
21 KB 40ms
15ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform.js

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5007dac1365dd925963e4bc2ff805516823a6d61e200ca67066b8e0b843887be

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 00:35:23 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21024
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "48bc56e7e3631038"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 00:35:23 GMT

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 105ms
104ms Stylesheet
text/css 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7919630485551574124&zx=0915b25e-2040-4585-9a86-f7fd9acbbbc4

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sun, 21 May 2023 00:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 21 May 2023 00:35:23 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 icon18_edit_allbkg.gif
resources.blogblog.com/img/ 162 B
299 B 24ms
8ms Image
image/gif 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/icon18_edit_allbkg.gif

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Fri, 19 May 2023 19:03:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 May 2023 16:53:07 GMT
server: sffe
age: 106290
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/gif
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 162
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Fri, 26 May 2023 19:03:53 GMT

GET
H/1.1 200
OK show_ads.js Show response
pagead2.googlesyndication.com/pagead/ 91 KB
34 KB 31ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/show_ads.js

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

73dabdce835eda27d022bdf4e86ede2230af3810a2ecf57646b48a509a4db0f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 00:35:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 2462387166822116663
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Timing-Allow-Origin: *
Content-Length: 34424
X-XSS-Protection: 0
Expires: Sun, 21 May 2023 00:35:23 GMT

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 136 KB
50 KB 31ms
27ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

32bcc551da9eedbbd18711aba3600ba749f2dd7b9462e1093d8902dd09518b4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 00:35:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 50219
X-XSS-Protection: 0
Server: cafe
ETag: 3402557810093030812
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=3600
Timing-Allow-Origin: *
Expires: Sun, 21 May 2023 00:35:23 GMT

GET
H/1.1 200
OK cookienotice.js Show response
s0c4abend.blogspot.com/js/ 6 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://s0c4abend.blogspot.com/js/cookienotice.js

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 00:35:23 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Sat, 20 May 2023 20:50:03 GMT
Server: sffe
Vary: Accept-Encoding
Report-To: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
Content-Type: text/javascript
Cache-Control: public, max-age=604800
Cross-Origin-Resource-Policy: cross-origin
Accept-Ranges: bytes
Content-Length: 2026
X-XSS-Protection: 0
Cross-Origin-Opener-Policy-Report-Only: same-origin; report-to="blogger-tech"
Expires: Sun, 28 May 2023 00:35:23 GMT

GET
H2 200 3434683727-widgets.js Show response
www.blogger.com/static/v1/widgets/ 154 KB
56 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/static/v1/widgets/3434683727-widgets.js

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

22d4568a71f29fbca7b04a016273d0f5cd8ac060958bcca78e225d9314b66868

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 06:16:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 65924
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56801
x-xss-protection: 0
last-modified: Wed, 17 May 2023 08:51:57 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sun, 19 May 2024 06:16:39 GMT

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ 181 KB
60 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3e934124770fe81eee7c9fc2e5f3577b35165fb1b9075eba79bfba89adee245

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:14:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4853
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 61379
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:14:30 GMT

GET
H/1.1 200
OK google_top_exp.js Show response
pagead2.googlesyndication.com/pagead/js/ 47 B
658 B 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/google_top_exp.js

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

HTTP/1.1

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sat, 20 May 2023 08:45:47 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Age: 56976
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Length: 67
X-XSS-Protection: 0
Server: cafe
ETag: 13036835877489095579
Vary: Accept-Encoding
Content-Type: text/javascript; charset=UTF-8
Cache-Control: public, max-age=1209600
Timing-Allow-Origin: *
Expires: Sat, 03 Jun 2023 08:45:47 GMT

GET
H2 200 show_ads_impl_with_ama_fy2021.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/ 355 KB
120 KB 62ms
39ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5339178446827554&plah=s0c4abend.blogspot.com

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/show_ads.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38062161f9ad5d3b3723d4ddcf417bec812346722e22345565aba8667532c558

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 122663
x-xss-protection: 0
server: cafe
etag: 17824910635023989099
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sun, 21 May 2023 00:35:23 GMT

GET
H2

200

image
themes.googleusercontent.com/
Redirect Chain

http://themes.googleusercontent.com/image?id=1iJBX-a-hBX2tKaDdERpElPUmvb4r5MDX9lEx06AA-UtZIQCYziZg3PFbmOyt-g2sH8Jo&options=w1600
https://themes.googleusercontent.com/image?id=1iJBX-a-hBX2tKaDdERpElPUmvb4r5MDX9lEx06AA-UtZIQCYziZg3PFbmOyt-g2sH8Jo&options=w1600

100 KB
100 KB

115ms
90ms

Image
image/jpeg

2a00:1450:4001:831::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://themes.googleusercontent.com/image?id=1iJBX-a-hBX2tKaDdERpElPUmvb4r5MDX9lEx06AA-UtZIQCYziZg3PFbmOyt-g2sH8Jo&options=w1600

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

Server

2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

2e761f8c0e7f37f9e1fc2717d7706596bf6103091b4878b332bf4e9b86349fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
x-content-type-options: nosniff
server: fife
etag: "v1"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 102210
x-xss-protection: 0
expires: Mon, 22 May 2023 00:35:23 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 21 May 2023 00:35:23 GMT
X-Content-Type-Options: nosniff
Server: ESF
X-Frame-Options: SAMEORIGIN
Content-Type: application/binary
Location: https://themes.googleusercontent.com/image?id=1iJBX-a-hBX2tKaDdERpElPUmvb4r5MDX9lEx06AA-UtZIQCYziZg3PFbmOyt-g2sH8Jo&options=w1600
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Content-Length: 0
X-XSS-Protection: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 black50.png
resources.blogblog.com/blogblog/data/1kt/transparent/ 96 B
216 B 7ms
7ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/blogblog/data/1kt/transparent/black50.png

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 12:05:31 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 May 2023 04:49:41 GMT
server: sffe
age: 44992
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 96
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 27 May 2023 12:05:31 GMT

GET
H3 200 share_buttons_20_3.png
www.blogger.com/img/ 5 KB
5 KB 9ms
8ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.blogger.com/img/share_buttons_20_3.png

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/static/v1/widgets/3566091532-css_bundle_v2.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 08:36:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 19 May 2023 21:54:38 GMT
server: sffe
age: 57530
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 5080
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 27 May 2023 08:36:33 GMT

GET
H/1.1 200
200 q Show response
ws-in.amazon-adsystem.com/widgets/ Frame 095C 14 KB
4 KB 94ms
43ms Document
text/html 52.94.216.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=130af03ca86edc1eaa9e8040c677cbad&show_border=true&link_opens_in_new_window=true
Requested by: Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/
Protocol: HTTP/1.1
Server: 52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: fb10aade170c3ee6dd3b800edb6fb5544ab1a89e7da24551297c159e491b5d6b

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Encoding: gzip
Content-Length: 3388
Content-Type: text/html;charset=UTF-8
Date: Sun, 21 May 2023 00:35:23 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
nnCoection: close

GET
H/1.1 200
200 q Show response
ws-in.amazon-adsystem.com/widgets/ Frame 4DFB 14 KB
4 KB 88ms
34ms Document
text/html 52.94.216.147
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=thajanassocia-21&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=23d8d0fceb8e6498b220bb4561213afc&show_border=true&link_opens_in_new_window=true
Requested by: Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/
Protocol: HTTP/1.1
Server: 52.94.216.147 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c1da7de886902ef5710584c218b921467311eabec684a37345566ffedc6b3729

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin: *
Cache-Control: must-revalidate
Content-Encoding: gzip
Content-Length: 3403
Content-Type: text/html;charset=UTF-8
Date: Sun, 21 May 2023 00:35:23 GMT
Expires: -1
Pragma: no-cache
Server: Server
Vary: User-Agent
charset: UTF-8
nnCoection: close

GET
H3 200 navbar.g Show response
www.blogger.com/ Frame BFDB 7 KB
3 KB 474ms
474ms Document
text/html 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/navbar.g?targetBlogID=7919630485551574124&blogName=REXX!!+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://s0c4abend.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://s0c4abend.blogspot.com/&vt=1258395610665202509&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes,gapi_iframes_style_bubble/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

032c65a4eb9b0ea18c047c4218ca9e1adb6b7d6fee487320e72492bcd4ecce72

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 2569
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
content-type: text/html; charset=UTF-8
date: Sun, 21 May 2023 00:35:24 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
pragma: no-cache
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/ Frame 33CE 10 KB
5 KB 33ms
7ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20230517/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 62845
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=1209600
content-encoding: br
content-length: 4540
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 07:07:58 GMT
etag: 15057649708203361565
expires: Sat, 03 Jun 2023 07:07:58 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 authorization.css
www.blogger.com/dyn-css/ 1 B
43 B 514ms
514ms Stylesheet
text/css 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.blogger.com/dyn-css/authorization.css?targetBlogID=7919630485551574124&zx=0915b25e-2040-4585-9a86-f7fd9acbbbc4

Requested by

Host: s0c4abend.blogspot.com
URL: http://s0c4abend.blogspot.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b

Security Headers

Name	Value
Content-Security-Policy	script-src 'self' .google.com .google-analytics.com 'unsafe-inline' 'unsafe-eval' .gstatic.com .googlesyndication.com .blogger.com .googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: script-src 'self' *.google.com *.google-analytics.com 'unsafe-inline' 'unsafe-eval' *.gstatic.com *.googlesyndication.com *.blogger.com *.googleapis.com uds.googleusercontent.com https://s.ytimg.com https://i18n-cloud.appspot.com https://www.youtube.com www-onepick-opensocial.googleusercontent.com www-bloggervideo-opensocial.googleusercontent.com www-blogger-opensocial.googleusercontent.com https://www.blogblog.com; report-uri /cspreport
date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 21 May 2023 00:35:24 GMT
server: GSE
x-frame-options: SAMEORIGIN
p3p: CP="This is not a P3P policy! See https://www.google.com/support/accounts/bin/answer.py?hl=en&answer=151657 for more info."
content-type: text/css; charset=UTF-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21
x-xss-protection: 1; mode=block
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

a-logo-amazon.png
wms-in.amazon-adsystem.com/panda/20070822/IN/img/ Frame 4DFB
Redirect Chain

http://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png
https://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png

15 KB
16 KB

27ms
8ms

Image
image/png

18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png
Requested by: Host: ws-in.amazon-adsystem.com
URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=thajanassocia-21&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=23d8d0fceb8e6498b220bb4561213afc&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-127.fra60.r.cloudfront.net
Software: Server /
Resource Hash: d576be5f516a4a72b8e2f85d61de19966d749c9b84066864dc686bf4e6cfbac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ws-in.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 15 May 2023 21:21:02 GMT
Via: 1.1 3fd7afcdda21f0b562dfcbf7920c44a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 443661
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15728
Last-Modified: Thu, 20 Apr 2023 16:55:49 GMT
Server: Server
ETag: "3d70-5f9c7699bd3ab"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: ZOZNW0JH2bDG1iruxkYArOJ6PHpe5APcXzol8j0_DriveWU0jFpgNg==
Expires: Mon, 22 May 2023 21:21:02 GMT

Redirect headers

Date: Sun, 21 May 2023 00:35:23 GMT
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: 8S1ztst-E1GTsruvePPLyy5OX4SdMVtGIGpbAFy7NkGSLOAC8XQj_A==

GET
H2 200 4121yWSVFmL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 4DFB 3 KB
3 KB 66ms
9ms Image
image/jpeg 2600:9000:2491:8a00:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/4121yWSVFmL._AC_AC_SR98,95_.jpg
Requested by: Host: ws-in.amazon-adsystem.com
URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=thajanassocia-21&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=23d8d0fceb8e6498b220bb4561213afc&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8a00:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 505ebc941cea878512761897ec372cb05c0deea229988b41da88dae31cae1715

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ws-in.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 20:03:03 GMT
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 4077140
edge-cache-tag: x-cache-978,/images/I/4121yWSVFmL
x-cache: Hit from cloudfront
x-nginx-cache-status: MISS
content-length: 2800
surrogate-key: x-cache-978 /images/I/4121yWSVFmL
last-modified: Tue, 01 Feb 2022 09:05:20 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 7c68d828-a865-4b15-a94d-34e5656d9703
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: QTI57W3Gtam9B3G-K8rbOEwmjyV4NRmaReprEMikhMoQaRaeIG0WUw==
expires: Sun, 29 Mar 2043 20:03:03 GMT

GET
H/1.1

200
OK

a-logo-amazon.png
wms-in.amazon-adsystem.com/panda/20070822/IN/img/ Frame 095C
Redirect Chain

http://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png
https://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png

15 KB
16 KB

29ms
8ms

Image
image/png

18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png
Requested by: Host: ws-in.amazon-adsystem.com
URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=130af03ca86edc1eaa9e8040c677cbad&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-127.fra60.r.cloudfront.net
Software: Server /
Resource Hash: d576be5f516a4a72b8e2f85d61de19966d749c9b84066864dc686bf4e6cfbac9

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ws-in.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Mon, 15 May 2023 21:21:02 GMT
Via: 1.1 7b314c2b827b3a655861e27775634208.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 443661
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 15728
Last-Modified: Thu, 20 Apr 2023 16:55:49 GMT
Server: Server
ETag: "3d70-5f9c7699bd3ab"
Content-Type: image/png
Charset: UTF-8
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: lRT1qBDJ6LbOWouxMPnSBpyw73q8cXO5RKuKey1-Xq4XsKMwguUiyg==
Expires: Mon, 22 May 2023 21:21:02 GMT

Redirect headers

Date: Sun, 21 May 2023 00:35:23 GMT
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://wms-in.amazon-adsystem.com/panda/20070822/IN/img/a-logo-amazon.png
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: hHQY444evto4XltU2WAJLeOEYCmLACR3sY1FX3sXwsLzzpJnzv5WIA==

GET
H2 200 4121yWSVFmL._AC_AC_SR98,95_.jpg
m.media-amazon.com/images/I/ Frame 095C 3 KB
3 KB 61ms
9ms Image
image/jpeg 2600:9000:2491:8a00:1d:d7f6:39d2:2dc1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://m.media-amazon.com/images/I/4121yWSVFmL._AC_AC_SR98,95_.jpg
Requested by: Host: ws-in.amazon-adsystem.com
URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=130af03ca86edc1eaa9e8040c677cbad&show_border=true&link_opens_in_new_window=true
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2491:8a00:1d:d7f6:39d2:2dc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 505ebc941cea878512761897ec372cb05c0deea229988b41da88dae31cae1715

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ws-in.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Mon, 03 Apr 2023 20:03:03 GMT
via: 1.1 f3d57c6f1e03e389abd50b7f7535cee4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P7
age: 4077140
edge-cache-tag: x-cache-978,/images/I/4121yWSVFmL
x-cache: Hit from cloudfront
x-nginx-cache-status: MISS
content-length: 2800
surrogate-key: x-cache-978 /images/I/4121yWSVFmL
last-modified: Tue, 01 Feb 2022 09:05:20 GMT
server: Server
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=630720000,public
x-amz-ir-id: 7c68d828-a865-4b15-a94d-34e5656d9703
accept-ranges: bytes
timing-allow-origin: https://www.amazon.in, https://www.amazon.com
x-amz-cf-id: B48BfAeCO1gohCYvFoDJpxiJsxOtSDQHiWmeCI-jhPg2z9K5s_LkZw==
expires: Sun, 29 Mar 2043 20:03:03 GMT

GET
H/1.1 200
OK json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 4DFB 43 B
200 B 68ms
32ms Image
image/gif 52.94.216.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1684629323814&p=%7B%22program%22%3A%2231%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22thajanassocia-21%22%2C%22refUrl%22%3A%22http%3A%2F%2Fs0c4abend.blogspot.com%2F%22%7D
Requested by: Host: ws-in.amazon-adsystem.com
URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=thajanassocia-21&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=23d8d0fceb8e6498b220bb4561213afc&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Server: 52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ws-in.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 00:35:23 GMT
x-amzn-RequestId: 5ec0e351-c896-4176-b902-7e11d33e0ae6
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK json
fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/ Frame 095C 43 B
200 B 65ms
29ms Image
image/gif 52.94.216.221
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://fls-eu.amazon-adsystem.com/1/associates-ads/1/OP/r/json?cb=1684629323818&p=%7B%22program%22%3A%2231%22%2C%22linkCode%22%3A%22w00%22%2C%22panda%22%3Atrue%2C%22tag%22%3A%22%22%2C%22refUrl%22%3A%22http%3A%2F%2Fs0c4abend.blogspot.com%2F%22%7D
Requested by: Host: ws-in.amazon-adsystem.com
URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=130af03ca86edc1eaa9e8040c677cbad&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Server: 52.94.216.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ws-in.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Sun, 21 May 2023 00:35:22 GMT
x-amzn-RequestId: 7fd900f3-82d7-46a9-b90b-a1891e0248c7
Content-Length: 43
Content-Type: image/gif

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 391 B
605 B 44ms
20ms Script
text/javascript 2a00:1450:4001:80b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=s0c4abend.blogspot.com&callback=_gfp_s_&client=ca-pub-5339178446827554

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202305160101/show_ads_impl_with_ama_fy2021.js?client=ca-pub-5339178446827554&plah=s0c4abend.blogspot.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

aa6db0eec3c9eb35fc54903ea62462e80c7e508f1ce8f157f72e41397bbbe924

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 253
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 46ms
20ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=s0c4abend.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 45ms
20ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s0c4abend.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame FCF9 29 KB
12 KB 131ms
131ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=250&slotname=7815341340&adk=1836024212&adf=562605490&pi=t.ma~as.7815341340&w=250&lmt=1683991264&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&dt=1684629323635&bpp=40&bdt=99&idt=190&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=8233539887882&frm=20&pv=2&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7Cpe%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=OOPzDYrimB&p=http%3A//s0c4abend.blogspot.com&dtd=205

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d72910a128c207de361416616b266527dcb0d1ba98e8cd6344ef60286f0a6c9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11645
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 00:35:23 GMT
expires: Sun, 21 May 2023 00:35:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1

200
OK

cart.gif
wms-in.amazon-adsystem.com/panda/20070822/US/img/ Frame 4DFB
Redirect Chain

http://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif
https://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif

341 B
876 B

28ms
8ms

Image
image/gif

18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-in.amazon-adsystem.com
URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=thajanassocia-21&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=23d8d0fceb8e6498b220bb4561213afc&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-127.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ws-in.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 02 May 2023 07:41:22 GMT
Via: 1.1 1aa52a2a71a599aaf6b3df3a9c53b268.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 1616041
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 341
Last-Modified: Thu, 20 Apr 2023 16:55:49 GMT
Server: Server
ETag: "155-5f9c7699c122b"
Content-Type: image/gif
Charset: UTF-8
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: LEYC31OJfyJMc95T0bM9Ur1Gc2Qkd9DdcIRDCgntNCxGMygLvTBKPA==
Expires: Tue, 09 May 2023 07:41:22 GMT

Redirect headers

Date: Sun, 21 May 2023 00:35:23 GMT
Via: 1.1 f7e6fd9466c5c2a3b15f0fb077de1afa.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: jwbPjrzwhoXrgUngCDuyBOQbbXaeng16zLDoCc4I85e_OjP9Pslx1g==

GET
H/1.1

200
OK

cart.gif
wms-in.amazon-adsystem.com/panda/20070822/US/img/ Frame 095C
Redirect Chain

http://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif
https://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif

341 B
876 B

25ms
8ms

Image
image/gif

18.66.122.127
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Requested by: Host: ws-in.amazon-adsystem.com
URL: http://ws-in.amazon-adsystem.com/widgets/q?ServiceVersion=20070822&OneJS=1&Operation=GetAdHtml&MarketPlace=IN&source=ss&ref=as_ss_li_til&ad_type=product_link&tracking_id=&language=en_IN&marketplace=amazon&region=IN&placement=B09QSBXK96&asins=B09QSBXK96&linkId=130af03ca86edc1eaa9e8040c677cbad&show_border=true&link_opens_in_new_window=true
Protocol: HTTP/1.1
Server: 18.66.122.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-122-127.fra60.r.cloudfront.net
Software: Server /
Resource Hash: 6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://ws-in.amazon-adsystem.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Date: Tue, 02 May 2023 07:41:22 GMT
Via: 1.1 da6955a1993e1118f32bcb48c6630c20.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA60-P2
Age: 1616041
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 341
Last-Modified: Thu, 20 Apr 2023 16:55:49 GMT
Server: Server
ETag: "155-5f9c7699c122b"
Content-Type: image/gif
Charset: UTF-8
Cache-Control: max-age=2592000
Accept-Ranges: bytes
X-Amz-Cf-Id: wh5-b_-mTmaQYs37AE0MDGtaSZDtzd0iUQPtnrUeVdEoPCZEZskEWg==
Expires: Tue, 09 May 2023 07:41:22 GMT

Redirect headers

Date: Sun, 21 May 2023 00:35:23 GMT
Via: 1.1 935770605c74a80712059ba5b24d4162.cloudfront.net (CloudFront)
Server: CloudFront
X-Amz-Cf-Pop: FRA60-P2
X-Cache: Redirect from cloudfront
Content-Type: text/html
Location: https://wms-in.amazon-adsystem.com/panda/20070822/US/img/cart.gif
Connection: keep-alive
Content-Length: 167
X-Amz-Cf-Id: SBd5rPHHYPAMVIF3R19Y5SDvoAFAgvk4kClKqm3NkKySyZSQLrGEZA==

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7859 29 KB
11 KB 134ms
134ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=600&slotname=2011037240&adk=2603624924&adf=3900128652&pi=t.ma~as.2011037240&w=265&fwrn=4&fwrnh=100&lmt=1683991264&rafmt=1&format=265x600&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1684629323749&bpp=3&bdt=213&idt=111&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=7815341340&correlator=8233539887882&pv_h_ch=L0001&frm=20&pv=1&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=4604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZLb8TLvVbb&p=http%3A//s0c4abend.blogspot.com&dtd=115

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fc9069bbb8d6899c9bbc3413bf29346acbc9ca4ba17ede13daa7f9113e3c942b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private
content-encoding: br
content-length: 11626
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 00:35:23 GMT
expires: Sun, 21 May 2023 00:35:23 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame FCF9 3 KB
1 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=250&slotname=7815341340&adk=1836024212&adf=562605490&pi=t.ma~as.7815341340&w=250&lmt=1683991264&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&dt=1684629323635&bpp=40&bdt=99&idt=190&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=8233539887882&frm=20&pv=2&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7Cpe%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=OOPzDYrimB&p=http%3A//s0c4abend.blogspot.com&dtd=205

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 20:27:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 20:27:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame FCF9 19 KB
8 KB 32ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50342
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame FCF9 170 KB
53 KB 42ms
17ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 00:35:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame FCF9 0
0 49ms
48ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C_vrQS2dpZMmbNMeRgAft3YXYB8me0rFc1Z2R93DAjbcBEAEgAGCVqp-CsAeCARdjYS1wdWItNTMzOTE3ODQ0NjgyNzU1NMgBCakCkmz4C7Mgsj6oAwHIAwKqBPwBT9DI9HkacFGx2TFvVXHon6YOmG--G9KUyuw7NgF0VM3xWZdnwL2AvS9jPFkbiyCwgrv9jZEs2aANwUhqN9H3PyXXvDaDRMzPAVM9qC_NE1GbXxo7ZC0do756Gqvm04Z9gI3IHeoG61_NfPs_u27Pl1cBjme68LM-PAojScjNByXOJ567yhLUMRh1AUnuQfXon9vSfrai6TeUKmqedKKCUmYPYbCe-t0-Yf_8n2wCi1bcYWXIaLZEfE262tGYYKbFS1FLZd77gRn5e_FHgS3niiDqfIjiTOsGuq2q_d6PSm7RzYQj9UTH1NcO7_h4IVzJ-WzJkznQPkMmrt4tgAa10N7TqYiLt9ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MzM5MTc4NDQ2ODI3NTU0GAA&sigh=-h0kOfY_LW8&uach_m=[UACH]&cid=CAQSGwBygQiDs76no8UnAwgKePUV8pGvk5Hjcfw8pRgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=250&slotname=7815341340&adk=1836024212&adf=562605490&pi=t.ma~as.7815341340&w=250&lmt=1683991264&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&dt=1684629323635&bpp=40&bdt=99&idt=190&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=8233539887882&frm=20&pv=2&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7Cpe%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=OOPzDYrimB&p=http%3A//s0c4abend.blogspot.com&dtd=205
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 May 2023 00:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 May 2023 00:35:24 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame FCF9 0
0 64ms
20ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kNnGEoDEMPoB-gGdg2ICAgAAALctxlI6-R6aEEtnaWRQppGkV6zz5kc1AAASAAAKCkFRVUJEd0VCRHc&wp=ZGlnSwANDckK4AjHAAFu7XtU_DAb7d89HaLWDQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 129823
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 5466 164 KB
51 KB 101ms
72ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGlnSwANDckK4AjHAAFu7XtU_DAb7d89HaLWDQ&u=%7CfpBpTCFyGHFDNT7QeJAz9wR36OXHHNwFQXxYgpjzoaU%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6u_XxH4jvtuu6J257JZOZu5CLG8O0goBcu1Nu5usrgja0-HpSxHHqCzCmZxDaNUulMIoWvV8ceql_rKaDZ8thMCSEWXJZ9uaYtlokThJ0hxmUyiv3WkzDXJ68aNZSytmD2l00gfzq_8YiZsrVhQ1KC9fwR_51x7haeVTk-v_wYGYU0b1azrBPGbGmrQqnzyh42zhUkaYyW0tJfEgWl3OfGgNlf7DAbhTVMN-oxLVpDKxsu8WzCW4snH1HQV5KD9akjUXTgipUzJhLa8MKqZ_CbILKIn5LloDwFYlhZSPEa7X5JGSvizcscZHn_CEt59PuVrEmOSdaVAzaR1NrQLPJLTX-iJo-WnvTAFNAqMqLm9Y95NeeDLBMCpdOAnu6prSbxabyMFLUawdeu7Dj5MQWWLvGeqI0XMz4_h5BvYMB1Yf-xl5XSRFKXhs3tKCYyDYIOijQn4U6KHEenRaxyQ1A3gsZynIuzrKYiEyHl0JUejtr2YuEhwXvZc4058qZnUVyT99pXpbsTGGWl6kutu2hVELUDKKzX0oBzToKlEb3uOZfMHYz9UNteQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkGBS2dpZMmbNMeRgAft3YXYB8me0rFc1Z2R93DAjbcBEAEgAGCVqp-CsAeCARdjYS1wdWItNTMzOTE3ODQ0NjgyNzU1NMgBCakCkmz4C7Mgsj6oAwHIAwKqBP8BT9DI9HkacFGx2TFvVXHon6YOmG--G9KUyuw7NgF0VM3xWZdnwL2AvS9jPFkbiyCwgrv9jZEs2aANwUhqN9H3PyXXvDaDRMzPAVM9qC_NE1GbXxo7ZC0do756Gqvm04Z9gI3IHeoG61_NfPs_u27Pl1cBjme68LM-PAojScjNByXOJ567yhLUMRh1AUnuQfXon9vSfrai6TeUKmqedKKCUmYPYbCe-t0-Yf_8n2wCi1bcYWXIaLZEfE262tGYYKbFS1FLZd77gRn5e_FHgS3niiDqfIjiTKkEmz8tckKc9fLFblQeU7zOwN245dZgo-gBxMo7LCf8JsaMKs2Szh8GgAa10N7TqYiLt9ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0NKHyeoHJeYtXohvXBugM8bgqGCw%26client%3Dca-pub-5339178446827554%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

e1464c8c76a1f2163c988d447fcf8e92121d06e382224a4c0c5d1ae17ef21c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 00:35:24 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=HGRAlSpqfDQfEm6_8xVrPdASRFfOK4IyZYdJjH5tKBBx-_o1rHGUlUWqsApGy-VvV9NVHsRpruKPEq9TdE15azTwj-79tO9LaWi9jsq8sUuZkzBOqFX3py-_tWLUM35pBmzhpcCkLi5pKhbEYzE5G_iTLiZ_b5YNTYiae1Y9PzskxD3v3-lp_PnDW28SaZy49wHwv-voLibR2RsMTBi5KbrPS7pUfqLW9SqUlosOcymJU6n4AdZZSGuNLRZXTUDLS6i2lffW8VnvE97Q"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 57357993
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 7859 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/window_focus_fy2021.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=600&slotname=2011037240&adk=2603624924&adf=3900128652&pi=t.ma~as.2011037240&w=265&fwrn=4&fwrnh=100&lmt=1683991264&rafmt=1&format=265x600&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1684629323749&bpp=3&bdt=213&idt=111&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=7815341340&correlator=8233539887882&pv_h_ch=L0001&frm=20&pv=1&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=4604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZLb8TLvVbb&p=http%3A//s0c4abend.blogspot.com&dtd=115

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 20:27:15 GMT
content-encoding: br
x-content-type-options: nosniff
age: 14889
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 20:27:15 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/ Frame 7859 19 KB
8 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230517/r20110914/client/qs_click_protection_fy2021.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 10:36:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 50343
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 7953
x-xss-protection: 0
server: cafe
etag: 16153819885643670827
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 03 Jun 2023 10:36:21 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7859 170 KB
53 KB 36ms
36ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53893
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684322484769956"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 00:35:24 GMT

GET
H3 200 adview
googleads.g.doubleclick.net/pagead/ Frame 7859 0
0 51ms
50ms Fetch
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Cqv2tS2dpZKTUNYik-gaDs6OAD8me0rFczeGS93DAjbcBEAEgAGCVqp-CsAeCARdjYS1wdWItNTMzOTE3ODQ0NjgyNzU1NMgBCakCkmz4C7Mgsj6oAwGqBIICT9C8EAP4W2oRqbss8B0o35i6QZBdWco2Fei-iidyDvAWPXdRE2E7ZBF_eITuGMuzwhw8z-_jbsgN9y0pvVLdBNeVoem4rHwB2Rso5saGnBhFGauVUUuI9og4eQluFbbEgxB60aghuNLMX_ykIVRhrmHVpJYbCBSfnilRtMU5uC0vR846FgKKjZH6_FMQ1hBUtCVVSn0UTtF9AMUBCNIFC-QRGW3JYAXTF6lfzKW5a8Zl_OnapxilyvUApPHXncq1RyLV5re0f0wVgWVJo5dMH0XHsYTDGbImB4wyLWftj2vYLkO2a4rxuU-Cy7a06UQiPi692dBc03GWUffEGGmzm2fhgAbO2cLMkuLkt_oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQIAKAfoLAggBgAwB0BUBgBcBshcaChgSFHB1Yi01MzM5MTc4NDQ2ODI3NTU0GAA&sigh=6nabuCJnNTE&uach_m=[UACH]&cid=CAQSGwBygQiDWCj6iULQQRwC3spCHC2NjL7TSQUuFBgB

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=600&slotname=2011037240&adk=2603624924&adf=3900128652&pi=t.ma~as.2011037240&w=265&fwrn=4&fwrnh=100&lmt=1683991264&rafmt=1&format=265x600&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&fwr=0&rpe=1&resp_fmts=4&wgl=1&dt=1684629323749&bpp=3&bdt=213&idt=111&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_slotnames=7815341340&correlator=8233539887882&pv_h_ch=L0001&frm=20&pv=1&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=4604&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7CpeEbr%7C&abl=NS&pfx=0&fu=128&bc=23&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=ZLb8TLvVbb&p=http%3A//s0c4abend.blogspot.com&dtd=115
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Sun, 21 May 2023 00:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Sun, 21 May 2023 00:35:24 GMT

GET
H2 200 notify
rtb.fr3.eu.criteo.com/google/auction/ Frame 7859 0
0 35ms
21ms Fetch 2a02:2638:d::c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://rtb.fr3.eu.criteo.com/google/auction/notify?profile=14&payload=kPD_DMz6RIkC2ASdg2ICAgAAADHIqQF-SdkpEEtnaWSFsPVsC2QiZ0-fAAASAAAKCkFRVUJEd0VSRHc&wp=ZGlnSwANaiQK3pIIAAjZg6e3s5YO0nbACrlafw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
server-processing-duration-in-ticks: 164979
server: Kestrel
content-length: 0

GET
H2 200 afr.php Show response
ads.eu.criteo.com/delivery/r/ Frame 0BAD 229 KB
61 KB 95ms
95ms Document
text/html 2a02:2638:3::12
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGlnSwANaiQK3pIIAAjZg6e3s5YO0nbACrlafw&u=%7CfpBpTCFyGHHSzKDPkBxsf5E5zcdyi1u0o4w0lxJ2UWM%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRT_OX65cdoqVx7bzVNKabd9-gH2vBtkj6UH0I7xqoZvGN6JOij2aDtdG9G0i4ud3t8QSk2n3inAG9oxm7cN9nEn1oy4eGep1FYCoJh838O3U84iMqkwRQd7QarZSt_MVleJdVyuj7Nst1ALcUDNcNpU8rK2NSyAMiKXBsKbbVs_eM0hybt9qRSZIGC4DjGU191uF5ASWYVpfyrDB5lPtNpg94XrJ7RPLMm0kxIdz2GF_gGdfD99Dxm3GgXBvvqFJQxKzgeE8E_v5aINK2outU4ZUEr3cRyN9NRSwB8jw8Sg1rQini_n3gTh_fPXWPDhKmcINrSDIus1m_RE30sQpO658hEJNQx_OKsg7aUJJzpRFijZWw6gPugETFN8B8tAT2Qc0VEzqCTR6BMWGaQnyTzcz8WZ58aTrLiyq218tG1tUh-0jSLQmex9G3DFwJLIz2rZAtgcgtO1U7g1Ih2XakSLALIWNZvqhCqYXPn3petNJo44xFc16-d_8H6Fpw3SgGB7dIlPwkO8h_9MeFGxjF-5wJEFyga2oT2EkF-dcboJ4k1mesnAuSuM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUlqjS2dpZKTUNYik-gaDs6OAD8me0rFczeGS93DAjbcBEAEgAGCVqp-CsAeCARdjYS1wdWItNTMzOTE3ODQ0NjgyNzU1NMgBCakCkmz4C7Mgsj6oAwGqBIUCT9C8EAP4W2oRqbss8B0o35i6QZBdWco2Fei-iidyDvAWPXdRE2E7ZBF_eITuGMuzwhw8z-_jbsgN9y0pvVLdBNeVoem4rHwB2Rso5saGnBhFGauVUUuI9og4eQluFbbEgxB60aghuNLMX_ykIVRhrmHVpJYbCBSfnilRtMU5uC0vR846FgKKjZH6_FMQ1hBUtCVVSn0UTtF9AMUBCNIFC-QRGW3JYAXTF6lfzKW5a8Zl_OnapxilyvUApPHXncq1RyLV5re0f0wVgWVJo5dMH0XHsYTDGbImB4wyLSXvrvlfod-l1BblGp-_bU69_U6UNAClW2SU7tdk7unoAOwZH3RejPD2gAbO2cLMkuLkt_oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2t5wI18DXXPeOCe40NDhac1X_-Sg%26client%3Dca-pub-5339178446827554%26adurl%3D

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::12 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

84ee49301bb3ff38f7c17154d8b210313c736ef9ac453c1aceb5a848166973f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://googleads.g.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1000
cache-control: private, max-age=0, no-cache
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 00:35:23 GMT
expires: Mon, 26 Jul 1997 05:00:00 GMT
link: <pix.eu.criteo.net>; rel=preconnect; crossorigin, <static.criteo.net>; rel=preconnect; crossorigin
p3p: CP='CUR ADM OUR NOR STA NID'
pragma: no-cache
report-to: {"endpoints":[{"url":"https://csm.eu.criteo.net/heavyad?cppv=3&cpp=pwOhZSpqfDQfEm6_HfR1lsFkpstqfCBmc5MUi8I8nFx5TJ2FAEBQnLRPoRwsBixYsmaXwR818UANHu7MgCsUwYEXjJ_J7v9SnMZbzvyowb0Wnd3dPwTWB8i0MatU7Ac37djtCOspxAZJD1wxDU2oYASqzeQAvqLyhSJjXqzeUaA2AQZEl4ri6v3s6SAdU6knJ8Slt9aTCv3FQZXKRt1iKjWX-sgrVMcN5ArLvKSo84Q7DDp0nRiSK6wxiXBuWL_tF8GaYA"}], "max_age": 86400}
server: Kestrel
server-processing-duration-in-ticks: 69905623
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding

GET
DATA 200
OK truncated
/ Frame FCF9 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8763ef1f5802c2cf69fb835ee561af59f92cbde3955ec2a8f9dc028a1ea26142

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 7859 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a9947d2ebaa82ea3f3e6f6410b972d44145c79ef0733cc891c2d6b7d4f76f66b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 5466 2 KB
1 KB 45ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGlnSwANDckK4AjHAAFu7XtU_DAb7d89HaLWDQ&u=%7CfpBpTCFyGHFDNT7QeJAz9wR36OXHHNwFQXxYgpjzoaU%3D%7C&c1=TEbw32HdmhkgeNeeAzq5Zto3zNeDvGepN13Fr0UBnbNTYw15f7zsIOVODKEAq-i6u_XxH4jvtuu6J257JZOZu5CLG8O0goBcu1Nu5usrgja0-HpSxHHqCzCmZxDaNUulMIoWvV8ceql_rKaDZ8thMCSEWXJZ9uaYtlokThJ0hxmUyiv3WkzDXJ68aNZSytmD2l00gfzq_8YiZsrVhQ1KC9fwR_51x7haeVTk-v_wYGYU0b1azrBPGbGmrQqnzyh42zhUkaYyW0tJfEgWl3OfGgNlf7DAbhTVMN-oxLVpDKxsu8WzCW4snH1HQV5KD9akjUXTgipUzJhLa8MKqZ_CbILKIn5LloDwFYlhZSPEa7X5JGSvizcscZHn_CEt59PuVrEmOSdaVAzaR1NrQLPJLTX-iJo-WnvTAFNAqMqLm9Y95NeeDLBMCpdOAnu6prSbxabyMFLUawdeu7Dj5MQWWLvGeqI0XMz4_h5BvYMB1Yf-xl5XSRFKXhs3tKCYyDYIOijQn4U6KHEenRaxyQ1A3gsZynIuzrKYiEyHl0JUejtr2YuEhwXvZc4058qZnUVyT99pXpbsTGGWl6kutu2hVELUDKKzX0oBzToKlEb3uOZfMHYz9UNteQ&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCxkGBS2dpZMmbNMeRgAft3YXYB8me0rFc1Z2R93DAjbcBEAEgAGCVqp-CsAeCARdjYS1wdWItNTMzOTE3ODQ0NjgyNzU1NMgBCakCkmz4C7Mgsj6oAwHIAwKqBP8BT9DI9HkacFGx2TFvVXHon6YOmG--G9KUyuw7NgF0VM3xWZdnwL2AvS9jPFkbiyCwgrv9jZEs2aANwUhqN9H3PyXXvDaDRMzPAVM9qC_NE1GbXxo7ZC0do756Gqvm04Z9gI3IHeoG61_NfPs_u27Pl1cBjme68LM-PAojScjNByXOJ567yhLUMRh1AUnuQfXon9vSfrai6TeUKmqedKKCUmYPYbCe-t0-Yf_8n2wCi1bcYWXIaLZEfE262tGYYKbFS1FLZd77gRn5e_FHgS3niiDqfIjiTKkEmz8tckKc9fLFblQeU7zOwN245dZgo-gBxMo7LCf8JsaMKs2Szh8GgAa10N7TqYiLt9ABoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_0NKHyeoHJeYtXohvXBugM8bgqGCw%26client%3Dca-pub-5339178446827554%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 5466 2 KB
1 KB 44ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 5466 308 B
636 B 48ms
25ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 5466 293 B
621 B 48ms
26ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 5466 43 B
348 B 49ms
15ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=Agwgx296p-ZVHMhzVxBiwD3uvd0SWS_dv7MxCoPM_-8q88YDSsXcYSHQhVHenoUQQ0iQcjjroUqn97asmPlKuPTom2aq3T9xd1RhTtVTUnda_xVuCMaC46JhoFet2KjK85CECkNPM6eJBnEADIaCjiDish6kqq1XXxIv11FXrb8n2rwaQfvs3AHrEQeqA2gD_y0J_7zcNFDkJqx_spkHH5DkcMe5FgIjYXEiCbBwJEJUHKfj3e5NUMXocxWjg5F0wDJKZBpmIQX4Ot1Cu3olMStn9QfmIWq6YVou6yUk1HtYjUGZ7hsvcVOErb4rIHs3WpuOIk5y45nf03E6V18KS9iuSklM3FsPFKSiV-_9ZNpDkqsatd9chSfOG6wiOH2NQMAr-mYICqIKfwc72M8E3_egPizDg2Lqxzqh43-X7hmriM40

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1918236
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 privacy_small.svg
static.criteo.net/flash/icon/ Frame 0BAD 2 KB
1 KB 38ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy_small.svg

Requested by

Host: ads.eu.criteo.com
URL: https://ads.eu.criteo.com/delivery/r/afr.php?z=ZGlnSwANaiQK3pIIAAjZg6e3s5YO0nbACrlafw&u=%7CfpBpTCFyGHHSzKDPkBxsf5E5zcdyi1u0o4w0lxJ2UWM%3D%7C&c1=zhOks3zwNR2QJkrtGpxDD9qFQZVNz0gdA2xfz9nbXpHaAtV7mnkFRT_OX65cdoqVx7bzVNKabd9-gH2vBtkj6UH0I7xqoZvGN6JOij2aDtdG9G0i4ud3t8QSk2n3inAG9oxm7cN9nEn1oy4eGep1FYCoJh838O3U84iMqkwRQd7QarZSt_MVleJdVyuj7Nst1ALcUDNcNpU8rK2NSyAMiKXBsKbbVs_eM0hybt9qRSZIGC4DjGU191uF5ASWYVpfyrDB5lPtNpg94XrJ7RPLMm0kxIdz2GF_gGdfD99Dxm3GgXBvvqFJQxKzgeE8E_v5aINK2outU4ZUEr3cRyN9NRSwB8jw8Sg1rQini_n3gTh_fPXWPDhKmcINrSDIus1m_RE30sQpO658hEJNQx_OKsg7aUJJzpRFijZWw6gPugETFN8B8tAT2Qc0VEzqCTR6BMWGaQnyTzcz8WZ58aTrLiyq218tG1tUh-0jSLQmex9G3DFwJLIz2rZAtgcgtO1U7g1Ih2XakSLALIWNZvqhCqYXPn3petNJo44xFc16-d_8H6Fpw3SgGB7dIlPwkO8h_9MeFGxjF-5wJEFyga2oT2EkF-dcboJ4k1mesnAuSuM&ct0=https://adclick.g.doubleclick.net/aclk%3Fsa%3DL%26ai%3DCUlqjS2dpZKTUNYik-gaDs6OAD8me0rFczeGS93DAjbcBEAEgAGCVqp-CsAeCARdjYS1wdWItNTMzOTE3ODQ0NjgyNzU1NMgBCakCkmz4C7Mgsj6oAwGqBIUCT9C8EAP4W2oRqbss8B0o35i6QZBdWco2Fei-iidyDvAWPXdRE2E7ZBF_eITuGMuzwhw8z-_jbsgN9y0pvVLdBNeVoem4rHwB2Rso5saGnBhFGauVUUuI9og4eQluFbbEgxB60aghuNLMX_ykIVRhrmHVpJYbCBSfnilRtMU5uC0vR846FgKKjZH6_FMQ1hBUtCVVSn0UTtF9AMUBCNIFC-QRGW3JYAXTF6lfzKW5a8Zl_OnapxilyvUApPHXncq1RyLV5re0f0wVgWVJo5dMH0XHsYTDGbImB4wyLSXvrvlfod-l1BblGp-_bU69_U6UNAClW2SU7tdk7unoAOwZH3RejPD2gAbO2cLMkuLkt_oBoAYhqAemvhuoB5bYG6gHqpuxAqgHg62xAqgH_56xAqgH35-xAtgHANIIDwiA4YBwEAEyAusCOgKAQPoLAggBgAwB0BUBgBcB%26num%3D1%26sig%3DAOD64_2t5wI18DXXPeOCe40NDhac1X_-Sg%26client%3Dca-pub-5339178446827554%26adurl%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:30:28 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42ba84-6aa"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 adchoices_de.svg
static.criteo.net/flash/icon/ Frame 0BAD 2 KB
1 KB 39ms
15ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/adchoices_de.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 11 Feb 2020 14:27:58 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e42b9ee-763"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 close_button.svg
static.criteo.net/flash/icon/ Frame 0BAD 308 B
636 B 21ms
14ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/close_button.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Fri, 14 Feb 2020 13:51:32 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "5e46a5e4-134"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 308
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 back_button2.svg
static.criteo.net/flash/icon/ Frame 0BAD 293 B
621 B 33ms
26ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/back_button2.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 28 Apr 2022 09:09:48 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "626a59dc-125"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 293
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 lg.php
cat.nl3.eu.criteo.com/delivery/ Frame 0BAD 43 B
347 B 35ms
16ms Image
image/gif 178.250.1.6
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cat.nl3.eu.criteo.com/delivery/lg.php?cppv=3&cpp=dAHqFnYz92--JFSW3oV3zzlDWSWqxbYTa0CR153biLCGZhsR4rCEOrtxrwYW0xap6c8y9a9ZZsOoKYXBvyYvPvFdWkTToNy4i0scMBENCE-C3VMyDuIReIkAr50QdRnxjr9b8NbMBr5RRWXtkxJhbh-z5gqKiDydoJOnQavwfGumMD8WwNN7CchUbmcECX9WnyqXgGUqZBSdtXJ9w1ipBhbJdS4pdYp9lx9K_RajkV_iDs5-jVvaHkyfd4UedaaAwc0nA6vG4tDUqq8rYttJ__VKXB-6SqjrPogfs3wAUaAKo7t3TsA4ePeAqb_KfaxmEfHYZyrNPWh9hgNoDKyvBSCfCxvh848X17XWuEKsyLbNbwNE5CNicAvCdfQaGjuGzq37Rs2wX4k37qLaOTXoYKyGp8vSfg_HOJLGqoliDmKV4ITy-uCz7tMjNQhqhsbdOgskXw

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.1.6 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
server: Kestrel
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
content-type: image/gif
cache-control: no-cache
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1959429
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 webfontloader.js Show response
cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/ Frame 5466 12 KB
5 KB 35ms
16ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1409822
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4420
last-modified: Mon, 04 May 2020 16:17:52 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04030-30d9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UBqMtPvcBNmKstXSUSr3Ib6RP%2FMYAz8ZFP1KyocA2K0XkydNl2oydhlXNlGN3k5nZPVlTAputi4mFdyTaNR2h%2Bvh2lP%2BJh7IyQRjCC803tPfyOte8S8QpUYmsGo8QVis5%2F3vMGpagvS9tcdCdx%2Bnb%2BnZ"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7ca8bd3be8b43608-FRA
expires: Fri, 10 May 2024 00:35:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 5466 12 KB
6 KB 37ms
25ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5466 814 B
1005 B 78ms
42ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=76&m=0&partner=18240&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F18240%2F150217%2F837651.jpg&v=3&w=496&s=vru60wLVD89-zIgCY5FsVACg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=31104000
content-length: 814
expires: Sun, 14 Apr 2024 05:44:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5466 22 KB
22 KB 69ms
33ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1464800119_VS&v=3&w=400&s=5kqTOdzRJZzdxBYnUUFudNoZ&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

93201243f5c99e66b2004f4a988ee93552d6dac59a716c2591414eb847dd98bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1800
content-length: 22144
expires: Sun, 21 May 2023 00:48:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5466 20 KB
20 KB 93ms
57ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F0-Euro-BN_Snoopy_VS&v=3&w=400&s=eOQ0r7KqJsdZ6nkjB_XzrQvV&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8a89ba1fba1b7497ba10b257ab4ccd669218ea85de5ed4f839d1bf270d7cda04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1800
content-length: 20692
expires: Sun, 21 May 2023 00:57:56 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 5466 35 KB
35 KB 78ms
43ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=400&m=0&partner=18240&q=80&r=0&u=https%3A%2F%2Fi8.amplience.net%2Fi%2FMDM%2F1519820112_VS&v=3&w=400&s=VapbyZpw03L7r50hI8R4Hfjt&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

d752c105613e62d7ba95b45bc3e52a273c521d96d40630037069a0a5e5fc9898

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=1800
content-length: 35334
expires: Sun, 21 May 2023 00:52:36 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5466 0
128 B 65ms
21ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=HGRAlSpqfDQfEm6_8xVrPdASRFfOK4IyZYdJjH5tKBBx-_o1rHGUlUWqsApGy-VvV9NVHsRpruKPEq9TdE15azTwj-79tO9LaWi9jsq8sUuZkzBOqFX3py-_tWLUM35pBmzhpcCkLi5pKhbEYzE5G_iTLiZ_b5YNTYiae1Y9PzskxD3v3-lp_PnDW28SaZy49wHwv-voLibR2RsMTBi5KbrPS7pUfqLW9SqUlosOcymJU6n4AdZZSGuNLRZXTUDLS6i2lffW8VnvE97Q&sds=2&rev=86437&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 5466 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 5466 2 KB
1 KB 14ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 animejs.js Show response
static.criteo.net/animejs/ Frame 0BAD 12 KB
6 KB 14ms
14ms Script
text/javascript 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/animejs/animejs.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Tue, 26 Mar 2019 17:44:11 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5c9a64eb-3181"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 16 KB
16 KB 64ms
59ms Image
image/png 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?h=116&m=0&partner=25251&q=80&r=0&u=http%3A%2F%2Fstatic.nl3.eu.criteo.net%2Fdesign%2Fdt%2F25251%2F151210%2F88d71e7b7f1d4b15bc3e29c59a9542c2_ksb_logo_300px.png&v=3&w=526&s=AhrOtkdM_z_ca-xLhJVLdmxj

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2583b3be3caeb8104cffa2b6237ee68465f56ce66b1879138f9bef0c3fd11b7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/png
cache-control: public, max-age=31104000
content-length: 16320
expires: Tue, 16 Apr 2024 11:12:10 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 11 KB
11 KB 70ms
65ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F000500-000599%2F515_250x250px.jpg&v=3&w=800&s=_AOVzVY-lqNtvV6ndxyO2Byh&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3de293f280a6c99a96fab7b43fab3d2d0c5e7c1cd5d393bbdc5e64a4c5b7a084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 11226
expires: Thu, 15 Jun 2023 13:48:45 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 12 KB
12 KB 73ms
68ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F001800-001899%2F1851.jpg&v=3&w=800&s=WaixjzItCpD5vEfsmUNzDbZy&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

3c513789ed6e83bc86651603167ea32749a0c19f4129b34bff3bbb49d3714b70

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 12016
expires: Sun, 21 May 2023 08:07:13 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 5 KB
5 KB 70ms
65ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F000200-000299%2F239_250x250px.jpg&v=3&w=800&s=Cv0cXUdq2H5sZuzA9I5vd_w1&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

0fc7c09e692bb34730e3763f7c60684457a404e42705fe905f69d2d4ae64c870

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 5080
expires: Tue, 13 Jun 2023 19:05:29 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 4 KB
5 KB 75ms
70ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F001300-001399%2F1304_250x250px.jpg&v=3&w=800&s=8t41flfiZwG6QIyuitECKlAD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

70901b37b0599cd3775263ef8ef632862665f17e0552122aa7d7ad77557cb47e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 4596
expires: Wed, 14 Jun 2023 00:07:09 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 13 KB
13 KB 80ms
75ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F000300-000399%2F391_250x250px.jpg&v=3&w=800&s=rDz7ae7cJSvo1FpzHv7BMl0n&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

728fccf1cafdbdf5bd774ea10bcc0e7706d44712808f780bafb9aa4e92ac5a93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 12872
expires: Fri, 16 Jun 2023 07:03:19 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 4 KB
4 KB 63ms
62ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F000200-000299%2F259_250x250px.jpg&v=3&w=800&s=-gxUljQebwClKAyXRMlIyMiH&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

7fbfd305223f9f3e992150092939fa7fcbb8ff1f9e210caac1cfb196c4735fcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 3874
expires: Wed, 14 Jun 2023 00:37:53 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 9 KB
10 KB 60ms
60ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F000400-000499%2F477_250x250px.jpg&v=3&w=800&s=b16aKZDJe8NeibT1MUOCiYRD&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

eb0b96d7b9b20f1902727315fb8f073de278406b79d9ae8bf2afb1d9b7b0188f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:23 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 9548
expires: Tue, 13 Jun 2023 16:15:08 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 7 KB
7 KB 65ms
65ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F000100-000199%2F181_250x250px.jpg&v=3&w=800&s=Sb0aoqHX9Sgxt9xFAspKU_B9&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

8d9451e8acb38f42f0d7758781656636cacd405af7fa8e67ffbae6cb9f78b781

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 7076
expires: Tue, 13 Jun 2023 22:36:51 GMT

GET
H2 200 img
imageproxy.eu.criteo.net/img/ Frame 0BAD 8 KB
8 KB 63ms
63ms Image
image/webp 2a02:2638:d::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://imageproxy.eu.criteo.net/img/img?c=3&cq=256&h=800&m=0&partner=25251&q=80&r=0&u=https%3A%2F%2Fwww.kraeuterhaus.de%2Ftemp%2Fexplorer%2Ffiles%2Fshop_articles%2F000500-000599%2F563_250x250px.jpg&v=3&w=800&s=lf_3kY7phcGW9YA1cpmYHx-n&b=400

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Kestrel /

Resource Hash

2798a133d0a367426dc887d9bea50a2b2a6f772dcc4046243b202a71793b734b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 4 Jun 2008 06:06:06 GMT
server: Kestrel
content-type: image/webp
cache-control: public, max-age=2592000
content-length: 8356
expires: Tue, 13 Jun 2023 23:29:17 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 0BAD 0
127 B 34ms
22ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://csm.eu.criteo.net/all?cppv=3&cpp=pwOhZSpqfDQfEm6_HfR1lsFkpstqfCBmc5MUi8I8nFx5TJ2FAEBQnLRPoRwsBixYsmaXwR818UANHu7MgCsUwYEXjJ_J7v9SnMZbzvyowb0Wnd3dPwTWB8i0MatU7Ac37djtCOspxAZJD1wxDU2oYASqzeQAvqLyhSJjXqzeUaA2AQZEl4ri6v3s6SAdU6knJ8Slt9aTCv3FQZXKRt1iKjWX-sgrVMcN5ArLvKSo84Q7DDp0nRiSK6wxiXBuWL_tF8GaYA&sds=2&rev=86437&sendBeacon=true

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

GET
H2 200 criteo_logo_2021.svg
static.criteo.net/flash/icon/ Frame 0BAD 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/criteo_logo_2021.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 27 May 2021 13:21:59 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"60af9cf7-891"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 privacy.svg
static.criteo.net/flash/icon/ Frame 0BAD 2 KB
1 KB 13ms
13ms Image
image/svg+xml 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://static.criteo.net/flash/icon/privacy.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Wed, 19 Feb 2020 10:57:21 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"5e4d1491-646"
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H3 200 platform:gapi.iframes.style.common.js Show response
apis.google.com/js/ Frame BFDB 54 KB
21 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/platform:gapi.iframes.style.common.js

Requested by

Host: www.blogger.com
URL: https://www.blogger.com/navbar.g?targetBlogID=7919630485551574124&blogName=REXX!!+&publishMode=PUBLISH_MODE_BLOGSPOT&navbarType=LIGHT&layoutType=LAYOUTS&searchRoot=https://s0c4abend.blogspot.com/search&blogLocale=en&v=2&homepageUrl=http://s0c4abend.blogspot.com/&vt=1258395610665202509&usegapi=1&jsh=m%3B%2F_%2Fscs%2Fabc-static%2F_%2Fjs%2Fk%3Dgapi.lb.de.quWKHAGG1QE.O%2Fd%3D1%2Frs%3DAHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ%2Fm%3D__features__

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29570b8eb16a72782f234ebead6a550624927c00e0b99fd3168223b0a8183399

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding: gzip
x-content-type-options: nosniff
date: Sun, 21 May 2023 00:35:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 21036
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="gapi-team"
etag: "4d31ccb627575296"
vary: Accept-Encoding
report-to: {"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 21 May 2023 00:35:24 GMT

GET
H3 200 icons_peach.png
resources.blogblog.com/img/navbar/ Frame BFDB 907 B
930 B 8ms
8ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/icons_peach.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Thu, 18 May 2023 12:19:48 GMT
x-content-type-options: nosniff
last-modified: Thu, 18 May 2023 05:50:45 GMT
server: sffe
age: 216936
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 907
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Thu, 25 May 2023 12:19:48 GMT

GET
H3 200 arrows-light.png
resources.blogblog.com/img/navbar/ Frame BFDB 117 B
140 B 8ms
8ms Image
image/png 2a00:1450:4001:801::2009
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://resources.blogblog.com/img/navbar/arrows-light.png

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2009 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 12:06:23 GMT
x-content-type-options: nosniff
last-modified: Sat, 20 May 2023 06:51:08 GMT
server: sffe
age: 44941
report-to: {"group":"blogger-tech","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/blogger-tech"}]}
content-type: image/png
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 117
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="blogger-tech"
expires: Sat, 27 May 2023 12:06:23 GMT

GET
H2 200 sourcesanspro-400.css
static.criteo.net/design/googlefont/sourcesanspro/ Frame 5466 2 KB
854 B 13ms
13ms Stylesheet
text/css 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/webfont/1.6.28/webfontloader.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.eu.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:04 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1e0-8a8"
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H2 200 sourcesanspro-400-latin.woff2
static.criteo.net/design/googlefont/sourcesanspro/ Frame 5466 13 KB
13 KB 54ms
24ms Font
application/octet-stream 2a02:2638:3::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400-latin.woff2

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://static.criteo.net/design/googlefont/sourcesanspro/sourcesanspro-400.css
Origin: https://ads.eu.criteo.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
last-modified: Thu, 08 Dec 2022 14:17:03 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: W/"6391f1df-32ec"
content-type: text/plain; charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Wed, 15 May 2024 00:35:24 GMT

GET
H3 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/ Frame BFDB 134 KB
45 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.de.quWKHAGG1QE.O/m=gapi_iframes_style_common/rt=j/sv=1/d=1/ed=1/rs=AHpOoo-FBhA1aZ_gWZ06fFcx8vCwNNGKoQ/cb=gapi.loaded_0?le=scs

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/platform:gapi.iframes.style.common.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

05aab08beef56b64bc4f87314e6bca6d5c58095bdec0e704e91c38c21fa69ed2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.blogger.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 03:40:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 75323
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46005
x-xss-protection: 0
last-modified: Sat, 01 Apr 2023 15:23:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="social-frontend-mpm-access"
vary: Accept-Encoding
report-to: {"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 03:40:01 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
165 B 18ms
16ms Script
application/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=s0c4abend.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 18ms
17ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=s0c4abend.blogspot.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
121 B 43ms
42ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=DIV&id=cookieChoiceInfo&cls=cookie-choices-info%20singleton-element&ign=false&pw=1600&ph=1200&x=0&y=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 00:35:24 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DD2B 0
16 B 17ms
16ms Document
text/html 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&adk=1812271804&adf=3025194257&lmt=1683991264&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&plas=308x945_l%7C308x945_r&format=0x0&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&ea=0&host=ca-host-pub-1556223355139109&h_ch=L0001&pra=7&wgl=1&dt=1684629324341&bpp=2&bdt=805&idt=2&shv=r20230517&mjsv=m202305160101&ptt=9&saldr=aa&abxe=1&prev_fmts=265x600&prev_slotnames=7815341340&nras=1&correlator=8233539887882&pv_h_ch=L0001&frm=20&pv=1&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&psts=ABHeCvjKV6qhUAe2OmrhWMWP13Mz8ZpeHkr-gbIhzb-Z_1tShxWueCDSlUIgumMyoZwiXzRwTqAGiT-29Ynj%2CABHeCviuc2ZzrtzeSeHrircaUqLQn82jNl2XK2FiVir9XYOZT1TzJaeD2Dg1V4jvkflWqQAszAsiFk7zINhE&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=23&ifi=7&uci=a!7&fsb=1&dtd=17

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 00:35:24 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 41ms
24ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20230517&st=env

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

35f4017df98e25695785102d4394e1ba8b045341926d53d1e84781646cd5df4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11340
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sun, 21 May 2023 00:35:24 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 0545 13 KB
5 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 14885
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 20 May 2023 20:27:19 GMT
expires: Sun, 19 May 2024 20:27:19 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1E37 783 B
1 KB 44ms
20ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

543ae49b862eba10963ebe2b3de4db6a1c7477d2a6d2f378c1ea44aef9f72d3d

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-C3tJNuw8r-um4u1lOAgoBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://s0c4abend.blogspot.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 511
content-security-policy: script-src 'report-sample' 'nonce-C3tJNuw8r-um4u1lOAgoBw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Sun, 21 May 2023 00:35:24 GMT
expires: Sun, 21 May 2023 00:35:24 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js Show response
pagead2.googlesyndication.com/bg/ Frame 0545 37 KB
14 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/x4MEI6eqFB0dCdwpn32-R0gTDA087Zgj0u4bOKm75nA.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sat, 20 May 2023 23:31:17 GMT
content-encoding: br
x-content-type-options: nosniff
age: 3847
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14664
x-xss-protection: 0
last-modified: Mon, 15 May 2023 09:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 19 May 2024 23:31:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1E37 0
0 42ms
41ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20230517&jk=2401471219486547&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 0545 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:82b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?na7SaQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date: Sun, 21 May 2023 00:35:24 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 44ms
44ms Image
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gda_r20230517&jk=2401471219486547&bg=!v7ylvOjNAAZ8_aWmXP07ADkAdvg8WlsuSFfCh9GjSc0jlJAV0r-1NUu1xpLvUVZ3hXpcUEl7DRDZZTWdSyGg_w8KqAo_-rqD2mMCAAAAQVIAAAACaAEHmQKpV7Z3p--x-ReDBo42StsmAdnkUBUKlb6RtmaUS_c6Wd-bNo8CsvPZNxu-ZiNGfOJxHjbG_GynZsEg00Rsrul3KaF6RyQrVNl3X66RioaTbW7tivnJE5GWheMNEbYqzn0wdsH-dDS7t-iIdSp5knhe3Yp1qzdfjfaRVqntwgXTfp22shb5GVJ_4ori-U6HVkyLGZEE0TmlmpBGZrLMAKL8tqpAbOSNYa27Xp2-8wlxG726dgN_hfHE2HPlECHo2EYfifuVwgw8sJ--i5VBDn1653L3wry9P1un8McLg5vDZPiAzd6BaiHjTuZKEACscsT6Kf3UA15wStIyXvlMGPB9ajCM1V4EqV9I45HpmhSHiJaM9HzK4uEF8y7GNkWvSj6MBMnV8T2Mqu14E-U_vGzs2EyItTKg0lAB2gnB7Rsa3AaHVJ35gwgsMxcRCqvYXWbG_WeYwE7vJZdqajx7RQqNnK5NQBzUBw_08t2-pvHuBCW2iFP0Wmrzgt9gVcoosOFUOwws0TPI72Q4u41hBQJNSvHi1I2dnLogbK8Jcj8ZxgRhTJzY-LhLoXilPkJ1JxuTnytDLdyx_7nhZkeMbfIHJIZpSTyvJcerpK0LTv3OjC05BTNE8UoS-UOWJ2ZKTnnPDnPcj3CtTZj1f03hp-W0y1-Ohh7B7IvRBIBPg8l-L7myWLsbyNYgP2kW2KIL0Q4syAzlRDXGjaxHAFZSRwqw8FWU24Lc3Ewzlusv-92DHrp5d7DFUy-2ytLLtcCo383EwTEx0NSivE7K_S23sRvheSXiO0E51J45eNNx5iU4Cu_cWELJFJi1YmRMmwAjShpLI4pvnsf131br8UiAGHu5uaFOS2r_Ziycd7tBZUIqyy0x7Z7wn1WfbhW7jyb2XSznoQ5IYTmEIR4-
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://s0c4abend.blogspot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame FCF9 42 B
64 B 43ms
43ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstvyNe0ofLkNdtyQXrd--nyp8xYerDTGlYJQP-h0SQIfuEv5ycsy36ViwckSe9MrAtHjc-9wLVhqBfUjuxFNypJAvs&sig=Cg0ArKJSzDKrrEZC3w8QEAE&id=lidar2&mcvt=1000&p=0,0,250,250&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230517&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1836024212&rs=2&la=0&cr=0&vs=4&r=v&rst=1684629323841&rpt=228&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 21 May 2023 00:35:25 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 all
csm.eu.criteo.net/ Frame 5466 0
127 B 22ms
22ms Ping
text/plain 2a02:2638:d::11
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:d::11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Finatra /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.eu.criteo.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Sun, 21 May 2023 00:35:24 GMT
strict-transport-security: max-age=31536000; preload;
cross-origin-resource-policy: cross-origin
server: Finatra
content-length: 0

Verdicts & Comments Add Verdict or Comment

243 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

1 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.doubleclick.net/	1970-01-20 21:18:45	Name: IDE Value: AHWqTUnzLFtxdN87ASHGwUQ5ZIuB_EWYbLHxBlWd-zSmY42J4Tuv9gC_9lJEO7RCrMg

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://googleads.g.doubleclick.net/pagead/ads?npa=1&client=ca-pub-5339178446827554&output=html&h=250&slotname=7815341340&adk=1836024212&adf=562605490&pi=t.ma~as.7815341340&w=250&lmt=1683991264&url=http%3A%2F%2Fs0c4abend.blogspot.com%2F&host=ca-host-pub-1556223355139109&h_ch=L0001&wgl=1&dt=1684629323635&bpp=40&bdt=99&idt=190&shv=r20230517&mjsv=m202305160101&ptt=5&saldr=sa&abxe=1&correlator=8233539887882&frm=20&pv=2&ga_vid=673225254.1684629324&ga_sid=1684629324&ga_hid=1415344902&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&adx=970&ady=760&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759875%2C44759926%2C44759837%2C31074469%2C31074545%2C44785294%2C44788442%2C44789779%2C44792013&oid=2&pvsid=2401471219486547&tmod=556443652&uas=0&nvt=1&fc=640&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7Co%7Cpe%7C&abl=NS&pfx=0&fu=0&bc=23&ifi=1&uci=a!1&fsb=1&xpc=OOPzDYrimB&p=http%3A//s0c4abend.blogspot.com&dtd=205 Message: Origin trial controlled feature not enabled: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.eu.criteo.com
adservice.google.com
adservice.google.de
apis.google.com
cat.nl3.eu.criteo.com
cdnjs.cloudflare.com
csm.eu.criteo.net
fls-eu.amazon-adsystem.com
googleads.g.doubleclick.net
imageproxy.eu.criteo.net
m.media-amazon.com
pagead2.googlesyndication.com
partner.googleadservices.com
resources.blogblog.com
rtb.fr3.eu.criteo.com
s0c4abend.blogspot.com
static.criteo.net
themes.googleusercontent.com
tpc.googlesyndication.com
wms-in.amazon-adsystem.com
ws-in.amazon-adsystem.com
www.blogger.com
www.google.com
www.googletagservices.com
178.250.1.6
18.66.122.127
18.66.122.97
2600:9000:2491:8a00:1d:d7f6:39d2:2dc1
2606:4700::6811:190e
2a00:1450:4001:801::2009
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a02:2638:3::12
2a02:2638:3::3
2a02:2638:d::11
2a02:2638:d::13
2a02:2638:d::c
52.94.216.147
52.94.216.221
01ba4719c80b6fe911b091a7c05124b64eeece964e09c058ef8f9805daca546b
032c65a4eb9b0ea18c047c4218ca9e1adb6b7d6fee487320e72492bcd4ecce72
05aab08beef56b64bc4f87314e6bca6d5c58095bdec0e704e91c38c21fa69ed2
068ffe90977f2b5b2dc2ef18572166e85281bd0ecb31c4902464b23db54d2568
095c997695f6a290fdba58b778eb0a0fdcdd9c108669e41265527a262223f1e6
0fc7c09e692bb34730e3763f7c60684457a404e42705fe905f69d2d4ae64c870
22d4568a71f29fbca7b04a016273d0f5cd8ac060958bcca78e225d9314b66868
2583b3be3caeb8104cffa2b6237ee68465f56ce66b1879138f9bef0c3fd11b7b
2798a133d0a367426dc887d9bea50a2b2a6f772dcc4046243b202a71793b734b
29570b8eb16a72782f234ebead6a550624927c00e0b99fd3168223b0a8183399
2e761f8c0e7f37f9e1fc2717d7706596bf6103091b4878b332bf4e9b86349fee
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32bcc551da9eedbbd18711aba3600ba749f2dd7b9462e1093d8902dd09518b4f
35f4017df98e25695785102d4394e1ba8b045341926d53d1e84781646cd5df4e
36e48b9c355752e1949ed933ac0a137a729a08174646b2bc705d6a97b9208078
38062161f9ad5d3b3723d4ddcf417bec812346722e22345565aba8667532c558
380be71e72fb28899a6cf71bad4434677a6df3a2fcce56d23c28bc4794549047
3829a5b2ade7cfc416c80b8f3df71e49e68672875f025d525223978f5cee3fd3
3c513789ed6e83bc86651603167ea32749a0c19f4129b34bff3bbb49d3714b70
3de293f280a6c99a96fab7b43fab3d2d0c5e7c1cd5d393bbdc5e64a4c5b7a084
47d66a97dd9e4ae073078b5dcd843a74baf83776f2dd8dff131b1b6ea9209698
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5007dac1365dd925963e4bc2ff805516823a6d61e200ca67066b8e0b843887be
505ebc941cea878512761897ec372cb05c0deea229988b41da88dae31cae1715
543ae49b862eba10963ebe2b3de4db6a1c7477d2a6d2f378c1ea44aef9f72d3d
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6330c7a831bf641f1fc1ae115b02900b25e4786f461bbfc3a3301bab2d319b93
70901b37b0599cd3775263ef8ef632862665f17e0552122aa7d7ad77557cb47e
725e869434fef8013208ed4c233d29744f9b363f867dcfb8f23e862880fa699a
728fccf1cafdbdf5bd774ea10bcc0e7706d44712808f780bafb9aa4e92ac5a93
72be8098b87d7e2d7fbc6eb0a3eaebcf1013186d7733cd340549f9e1701a4865
73dabdce835eda27d022bdf4e86ede2230af3810a2ecf57646b48a509a4db0f5
7fbfd305223f9f3e992150092939fa7fcbb8ff1f9e210caac1cfb196c4735fcc
84ee49301bb3ff38f7c17154d8b210313c736ef9ac453c1aceb5a848166973f6
8763ef1f5802c2cf69fb835ee561af59f92cbde3955ec2a8f9dc028a1ea26142
8a89ba1fba1b7497ba10b257ab4ccd669218ea85de5ed4f839d1bf270d7cda04
8d9451e8acb38f42f0d7758781656636cacd405af7fa8e67ffbae6cb9f78b781
8ec89605fe3d580e9539c7b858e8f69ba4e26fe06377ebe04585397de23a7395
93201243f5c99e66b2004f4a988ee93552d6dac59a716c2591414eb847dd98bf
9df1ad09e8ee902ee6a76cf88df57306868ca4ee532d74830fbcfe4db8bdf39d
a0e62ca4a82bef79bbe9dc2aba6c0782a7d8eca046bb1baa30ee91ec37931553
a2e14a498cfcc1b6920f069a9d657ad3c6fbbe217dd26dbfe54815db5107fed6
a3a64aea2e96ec58a163ddb8d4cf86cf236178ed2d225b8f44154bc1b010ddce
a3e934124770fe81eee7c9fc2e5f3577b35165fb1b9075eba79bfba89adee245
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a71fdb2af0679f36edbf63eb7944dc2403c85572d9de916cfcb12bf6277c5c37
a9947d2ebaa82ea3f3e6f6410b972d44145c79ef0733cc891c2d6b7d4f76f66b
a9ca837900b6ae007386d400f659c233120b8af7d93407fd6475c9180d9e83d2
aa6db0eec3c9eb35fc54903ea62462e80c7e508f1ce8f157f72e41397bbbe924
b7c11acd83abe3c698e2377ad07a4cfa7bc4c1181855a6655f022eaa0d573935
bb6685107846b4c25384202730b84ec168fecee197e5f9e3fe8ffdd5bed6749d
c1da7de886902ef5710584c218b921467311eabec684a37345566ffedc6b3729
c7830423a7aa141d1d09dc299f7dbe4748130c0d3ced9823d2ee1b38a9bbe670
ca9848e6006cfec8f9ffa29433ade8152204bdb95579200831c6dc0f53dff70b
ccecd185ac16ba0a538840f37701053fbb861f7fbbdd86039c7415fcd924d1f2
d51105af85114f8e1637892f3971892eeaff4acb5d8ce2cbeb0eae526c1a1372
d576be5f516a4a72b8e2f85d61de19966d749c9b84066864dc686bf4e6cfbac9
d72910a128c207de361416616b266527dcb0d1ba98e8cd6344ef60286f0a6c9b
d752c105613e62d7ba95b45bc3e52a273c521d96d40630037069a0a5e5fc9898
e0ee294b5487df566aad23b603fd902535634cfa957be8e7620396515afb1047
e1464c8c76a1f2163c988d447fcf8e92121d06e382224a4c0c5d1ae17ef21c0d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
eb0b96d7b9b20f1902727315fb8f073de278406b79d9ae8bf2afb1d9b7b0188f
eb7a209e3af2f5e7045a326f81414b39f02551eb158e859c190a7a84db7c4d5d
edb79682e63246515260549ce35ef25b28017be72a0f1f7701eff54b6cc54f1c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5ac04f16be2eb0fbb4477e9e100a88674bda296ce7acf2419ec2898858b37f1
fb10aade170c3ee6dd3b800edb6fb5544ab1a89e7da24551297c159e491b5d6b
fc9069bbb8d6899c9bbc3413bf29346acbc9ca4ba17ede13daa7f9113e3c942b

s0c4abend.blogspot.com Open in urlscan Pro 2a00:1450:4001:809::2001 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

98 Requests

86 %HTTPS

78 %IPv6

15 Domains

24 Subdomains

23 IPs

4 Countries

1137 kBTransfer

2636 kBSize

1 Cookies

45 Outgoing links

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

s0c4abend.blogspot.com Open in urlscan Pro
2a00:1450:4001:809::2001 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

86 %
HTTPS

78 %
IPv6

15
Domains

24
Subdomains

23
IPs

4
Countries

1137 kB
Transfer

2636 kB
Size

1
Cookies

98 HTTP transactions
2 data transactions